The Challenge
Navigating 108 “Yes” or “No” Subcategories in a “Maybe” Reality.
NIST’s CSF is comprised of 108 subcategories covering a wide range of concepts that, when combined, support organizations in creating a robust and measurable cybersecurity program to manage risk. The challenge is that these subcategories are all created to be addressed in a “yes” or “no” format when cybersecurity programs are rarely, if ever, that simple.
Due to the complex nature of enterprise cybersecurity programs, many organizations have adopted a “1-N” relationship where one subcategory could be aligned to multiple practices or tools within information security.
So, how do companies meet the rigorous standards set by the NIST Framework in the face of rising cyber threats and the reality of 1-N relationships among subcategories? By integrating SPHEREboard as an Identity Hygiene and remediation platform along with other security components, like those from our extensive connector library, to close the gaps in their cybersecurity program.
