Cybersecurity Frameworks

NIST CSF, NIST 800-53, ISO 27000, CIS Critical Security Controls

What is a Cybersecurity Framework?

A cybersecurity framework is an organized set of security controls and practices that can help you address common security risks, perform gap assessments, and build security roadmaps.

The most popular cybersecurity framework is the NIST Cybersecurity Framework, also known as NIST CSF. It helps security managers identify cybersecurity risks across the organization’s business activities and then structure a profile of control capabilities. The NIST framework breaks security functions into five categories: Identify, Protect, Detect, Respond and Recover.

Unlike industry standards (such as PCI-DSS) or government regulations (such as NERC CIP), cybersecurity frameworks are not prescriptive. They give you flexibility in choosing what risks you want to address and how you address them.

Cybersecurity frameworks are based on best-practices from leading organizations. They provide suggestions on “what” you should do to secure your digital assets. They typically refer to control frameworks for specific recommendations on “how” to perform each function.

Armis Support for NIST CSF

Armis is an agentless device security platform that provides a broad range of security functions that span ten of the NIST CSF controls across the categories Identify, Protect, Detect, and Respond.

FunctionIdentifierCategory NameArmis
IdentifyID.AMAsset Management
ID.BEBusiness Environment
ID.GVGovernance
ID.RARisk Assessment
ID.RMRisk Management Strategy
ID.SCSupply Chain Risk Management
ProtectPR.ACIdentity Management and Access Control
PR.ATAwareness and Training
PR.DSData Security
PR.IPInformation Protection Processes
PR.MAMaintenance
PR.PTProtective Technology
DetectDE.AEAnomalies and Events
DE.CMSecurity Continuous Monitoring
DE.DPDetection Processes
RespondRS.RPResponse Planning
RS.COCommunications
RS.ANAnalysis
RS.MIMitigation
RS.IMImprovements
RecoverRC.RPRecovery Planning
RC.IMImprovements
RC.COCommunications

What is a Control Framework?

Control frameworks are similar to cybersecurity frameworks, but they tend to be less focused on security architecture and more focused on “how” to perform each security function. They also tend to be more prescriptive. The most widely used control frameworks are NIST SP 800-53 and the CIS Controls list (also sometimes referred to as CIS Critical Security Controls).

Initially developed in 2009 by the SANS Institute and known as the SANS Critical Controls, the CIS Controls are now managed by the Center for Internet Security (CIS). The controls are periodically updated by a worldwide community of experts who apply their experience as CISOs and security professionals. The current version of the CIS Controls is 7.1.

One reason why the CIS Controls are so popular is because the control list is so clear and succinct, as compared to, say, NIST SP 800-53 which is much more voluminous. The CIS Controls prioritize and focus on a smaller number of activities, with a correspondingly higher return on investment.

The twenty CIS controls are separated into three categories: basic, foundational and organizational. Originally, SANS recommended that organizations with limited resources implement the six basic controls first. But in 2019, CIS issued more nuanced guidance in the form of implementation groups. Each implementation group identifies a set of CIS Controls that is appropriate for an organization with a similar risk profile and resources to strive to implement.

Address the CIS Critical Security Controls with Armis

Armis Support for CIS Critical Security Controls

Armis is an agentless device security platform that has been specifically designed to help you implement the CIS Critical Security Controls. Because Armis does not require agents, it works with all types of assets—managed, unmanaged, and IoT devices. Armis is cloud-based, so it is fast and easy to deploy, and it requires very little in terms of administrative maintenance.

Armis provides a broad range of security controls that align with multiple cybersecurity frameworks.

See Every Thing

Every Device

Every Connection

See a live demonstration of the Armis agentless device security platform.