by Angela Guess
John Weathington recently wrote in TechRepublic, “If your organization wants to incorporate data science into its cybersecurity program, you may not know where to start. Fortunately, thanks to an agency of the US Department of Commerce, you don’t have to approach this with a blank slate. When considering a data science solution to cybersecurity, you might want to start with the National Institute of Standards and Technology’s (NIST) Framework for Improving Critical Infrastructure Cybersecurity. The NIST’s framework is easy to understand, and it’s detailed and prescriptive, so you can quickly conceptualize how this might materialize in your organization. It also opens the door for a lot of data science opportunities that we can explore.”
Weathington goes on, “At its core, the framework comprises five basic functions: Identify, Protect, Detect, Respond, and Recover. The Identify function is largely concerned with knowing what assets need to be protected and the risk analysis required to assign the highest priorities to your highest-risk assets. Although asset identification should be a somewhat perfunctory operation within your company, what’s more interesting from a data science perspective is the risk management aspect. You’ll need to risk rank your assets based on probability of attack (POA) and consequence of breach (COB). It may be wise to task your data science team to develop a quantitative model to help in this endeavor.”
photo credit: NIST.gov