Tech consultant explains the benefits of NIST's cybersecurity framework

31 May 2019 Consultancy.co.za

The new Cybersecurity Framework developed by the National Institute of Standards and Technology (NIST) has a number of features that could allow organisations across South Africa to prevent cyber attacks, and is completely free to implement. This is according to Raymond du Plessis of Mobius Consulting.

The struggle between implementing technology and controlling costs is one that several South African businesses are engaged in. The new digital market has brought with it a sea of benefits on a large scale, but has also been accompanied by new costs in developing and implementing technology.

Firms in South Africa have been slow to invest in technologies at first, although recent reports have indicated that they are beginning to make the large, long-term investments. Nevertheless, the investment in digitalisation doesn’t stop at enhancing the operations of an organisation.

Tech consultant explains the benefits of NIST's cybersecurity framework

Operating in the digital sphere brings with it a range of risks associated with cyber crime, which can be devastating to firms as well as their clients and customers. As a result, firms have to invest in an entire cybersecurity infrastructure to ensure that their newly digitalised operations remain protected.

The new NIST Cybersecurity Framework is an infrastructural tool of exactly this nature, which presents a solution to the problem of rising costs. The framework has a number of capabilities, which include five core functions. These are the ability to identify, protect, detect, respond and recover from attacks of differing nature.

According to Raymond du Plessis, Senior Managing Consultant at Mobius Consulting, the framework has a number of benefits. “It is being used by more and more organisations, not only in the US, but in South Africa and round the world. One of the cool things is that it is completely free,” said Du Plessis.

“There are 287 controls split into five core functions and that's the trick. They've taken the controls we're all used to and rearranged them into these pillars. You can think of them as functions to reinforce security,” he added. Du Plessis was speaking at the ITWeb Security Summit 2019, held in Johannesburg.