With cyber security attacks on the rise, the need for holistic standards based security solutions is paramount. Organizations large and small today find themselves battling ever evolving cyber adversaries in the face of shrinking budgets. Deciding how to prioritize cyber security spending often becomes a marketing exercise instead of one based upon standards and a sound understanding of cyber security risk. With the myriad challenges facing our customers, we understand that the need for a standards based framework is the best way to achieve consistent cyber security outcomes.

Developed in response to Executive Order (EO) 13636 “Improving Critical Infrastructure Cyber security” of February 2013, the Framework recommends risk management processes that enable organizations to inform and prioritize decisions regarding cyber security based on business needs, without additional regulatory requirements. It enables organizations—regardless of sector, size, degree of cyber security risk, or cyber security sophistication—to apply the principles and effective practices of risk management to improve the security and resilience of critical infrastructure. The Framework is designed to complement, and not replace or limit, an organization’s risk management process and cyber security program and has been adopted by IQIT Technology as the basis of its existing Cyber Security Program.

Implementation

The IQIT Technology Cyber Security Management program addresses the Cyber security Framework (CSF) throughout every facet of the program, as illustrated in the adjacent diagram. At each point in the cycle, we address a corresponding Cyber security Framework-centered focus. The IQIT Technology Account Executives, Architects, Consultants, and Engineers are all well versed in the framework and its mapping to the IQIT Technology Project Management process.

The tenets of the Cybersecurity Framework are woven in the culture of IQIT Technology, and the implementation of the framework is based on a continuous-improvement methodology. By following the framework, we’re able to help our customers understand their current risk profile and develop a roadmap for improvement.