NIST and the NIS Directive / Regulations
NIST is the National Institute of Standards and Technology and they were selected for the task of developing the NIST Framework because they are a non-regulatory federal agency. They act as an unbiased source of scientific data and practices, including cybersecurity practices.
The framework was the result of a US executive order in 2013. By 2014 it was adopted globally, partly due to global organisations having a U.S. Headquarters and being U.S. owned. Organisations such as Google, Amazon/AWS, Paypal and Morgan Stanley.
The framework itself is made up of 5 functions; identify, protect, detect, respond and recover.
The functions are further broken down into 23 categories and underneath those categories are 108 sub-categories.
In August 2017 the UK government published the first version of the NIS Directive to guide suppliers of essential services to the Critical National Infrastructure. The NIS directive is closely aligned to the NIST Cyber Security Framework.
In June 2018 the Cabinet Office developed the minimum cyber security standard and it is also closely aligned to the NIST Cyber Security Framework.
With the UK leaving the EU, the NIS Directive has now become the NIS Regulations.
The remit of business’s security functions is constantly changing and expanding.
Organising your security operations into headings helps to introduce a workflow in order to assign activities to teams or individuals.
IP-Performance have a variety of products and services which are aligned with these frameworks. Our aim is to be able to offer assistance at any of the stages of your journey in a way that is complimentary to standards and best practice.
-
I just wanted to take a moment to personally thank IP Performance for all your help and guidance during our recent upgrade project. Upgrading all three of our production clusters was a huge undertaking, especially with the amount of traffic they serve and thousands of services they deliver. Achieving this with zero downtime was no small feat and your expertise and quick responses were absolutely crucial in making it happen. It really felt like you were part of our team throughout this process and were more than just providing support but indeed kind of taking ownership of all the challenges and issues we had during this migration which we couldn’t have done as smoothly without your support.
Khalid Kamal,
European Bioinformatics Institute
