Exploring the Latest NIST Cybersecurity Framework (CSF) with Build38’s Chief Technology Officer, Marc Obrador
In today’s digital age, cybersecurity is a paramount concern for organisations of all sizes. As cyber threats continue to evolve and proliferate, the need for robust cybersecurity measures is more critical than ever.
Recognising this, the National Institute of Standards and Technology (NIST) released its ground-breaking Cybersecurity Framework (CSF) in 2014.
This framework provided a comprehensive approach to understanding, reducing, and communicating about cybersecurity risk. Now, a decade later, NIST is gearing up for the first complete makeover of the CSF, with significant enhancements that reflect the ever-changing cybersecurity landscape.
In this blog post, we will look into the upcoming changes in NIST’s CSF, including the introduction of the “govern” function, which underscores the centrality of cybersecurity as an enterprise risk.
In the ever-evolving landscape of Mobile Application Security, there’s a crucial element that has often been overshadowed: governance. Traditionally, security solutions, especially Runtime Application Self-Protection (RASP) tools, have primarily focused on local detection and response mechanisms within the confines of the device. However, the paradigm is shifting with the emergence of modern solutions like Build38’s XDR (Extended Detection and Response) framework, which emphasises the importance of governance within the NIST Cybersecurity Framework.
The significance of this shift cannot be overstated, as it addresses a long-standing gap in the mobile app security domain. It’s no longer sufficient to merely release an application with a belief in its inherent security; rather, the key lies in real-time awareness of ongoing attacks, the ability to gauge attack trends, identify affected users, and take timely and decisive actions. This paradigm shift, led by the new governance pillar, promises to shed light on an aspect of Mobile Application Security that has often been overlooked and underappreciated.
In this article, we will explore NIST’s Cybersecurity Framework (CSF) and what Build38’s Chief Technology Officer, Marc Obrador, has to say about it.
Identify: the foundation of the CSF
The “Identify” pillar remains the foundation of the CSF. Organisations must first understand their cybersecurity risks. This involves asset identification, threat assessment, and vulnerability management. By comprehensively identifying their cybersecurity posture, organisations can tailor their strategies to protect critical assets effectively.
Within the Identify Pillar, Build38 adopts a comprehensive approach that places shared responsibility at its core. Collaborating closely with customers, Build38’s technical expertise shines in assisting organisations in identifying critical assets and potential risks. Leveraging the power of cloud infrastructure, the company facilitates the precise identification of these assets, providing clients with clear and actionable insights. This strategic alignment with customers not only safeguards user data and intellectual property but also ensures the uninterrupted flow of secure business operations. By placing data protection and governance at the forefront of their approach, Build38 goes beyond safeguarding mobile applications; it builds a foundation of trust with customers, reinforcing their commitment to holistic mobile app security.
Protect: safeguarding assets and ensuring their resilience against cyber threats
The “Protect” function continues to emphasise safeguarding assets and ensuring their resilience against cyber threats. This includes measures like access control, data encryption, and code integrity verification. Robust protection measures are essential for minimising vulnerabilities.
Under the Protect Pillar, Build38 employs a multi-faceted technical approach to fortify mobile application security. This includes multiple layers of protection, incorporating runtime checks and static analysis, which work in tandem to identify and mitigate threats effectively.
Moreover, Build38 implements advanced prevention mechanisms, such as code obfuscation, ensuring the safeguarding of code integrity and the protection of intellectual property. Beyond this, their secure environment envelops not only code but also data and communications, creating a comprehensive defense mechanism.
From a business standpoint, this approach translates into invaluable protection against data breaches and intellectual property theft, instilling trust in users and safeguarding vital business information. By maintaining the integrity of mobile applications, Build38 ensures that their clients can operate confidently and securely in the ever-evolving digital landscape.
Detect: the importance of continuous monitoring
The “Detect” pillar highlights the importance of continuous monitoring to identify and respond promptly to cybersecurity incidents. Effective threat detection mechanisms, such as intrusion detection systems and security information and event management (SIEM) solutions, are essential for early threat detection.
Regarding the Detect Pillar within the NIST framework, Build38 exhibits a proactive technical approach that places real-time Mobile Application security at the forefront. Through continuous monitoring and the vigilant detection of anomalies, Build38 ensures that potential threats are identified promptly as they surface. Equally essential is their seamless transfer of these detected anomalies to backend systems, which serves as the foundation for further analysis and insights.
Build38’s forward-thinking strategy extends to its innovative insights portal, complemented by REST APIs designed for seamless integration into clients’ business logic.
From a business perspective, Build38’s approach to the Detect Pillar translates into invaluable assets for organisations. By providing real-time insights into attacks and threats, they equip businesses with the critical intelligence needed for immediate response and mitigation. The governance capabilities offered by Build38 empower companies to take proactive measures, thereby safeguarding their Mobile Applications and user data.
Furthermore, this approach elevates the decision-making process, enabling firms to make informed choices based on comprehensive attack data. In essence, Build38’s commitment to the Detect Pillar empowers businesses with the tools and insights necessary to maintain robust Mobile Application security in an ever-evolving threat landscape.
Respond: effective action in a cybersecurity incident
In the event of a cybersecurity incident, the “Respond” function guides organisations in taking swift and effective action. This includes incident response planning, communication strategies, and damage mitigation. A well-prepared response can significantly reduce the impact of a security breach.
Within the Respond Pillar of the NIST framework, Build38 adopts a swift and robust technical approach to bolster Mobile Application security. Upon the detection of threats, Build38 implements a proactive strategy, promptly terminating application processes to prevent further damage.
The critical element of this approach is the efficient transfer of alert data to the backend for in-depth analysis, ensuring that each security incident is thoroughly examined. In response to suspicious activities, Build38’s strategy includes the ability to block application instances, effectively halting potential threats in their tracks. Furthermore, their comprehensive capabilities extend to data wiping and account locking, ensuring the protection of user data, especially in the unfortunate event of device loss or theft.
“It’s not about putting an application that you believe is secure out there and trusting that it’s actually going to remain secure. It is about getting information about the attacks that are happening in real-time, being able to measure whether attacks are going up or down, which users are affected by attacks.” – Marc Obrador, Chief Technology Officer, Build38.
From a business perspective, Build38’s approach to the Respond Pillar serves as a robust safeguard against the potential fallout from security breaches. By promptly terminating application processes upon threat detection, they prevent the escalation of attacks and the resulting damage. The transfer of alert data to the backend facilitates enhanced security incident response, allowing companies to look deeper into security incidents and formulate more effective countermeasures. Additionally, Build38’s data wipe and account lock capabilities provide a vital layer of protection for user data, mitigating the potential consequences of device loss or theft.
In essence, Build38’s commitment to the Respond Pillar underscores its dedication to fortifying mobile application security and safeguarding both businesses and users from the impact of security incidents.
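The Detect and Respond sections above describe a flow in which the device-side agent reports anomalies to a backend, the backend aggregates them per application instance and user, and operators act on the result (block an instance, wipe data, lock an account) while tracking attack trends. The following is an added illustration of that backend-side governance loop written for this article; it is not Build38 code and does not reflect their product’s API. The event names, severity weights, threshold and the sample telemetry are all constructed assumptions.

```python
"""Hypothetical backend governance loop for mobile RASP telemetry.

Added example, not Build38 code. Assumes a device-side agent reports one
JSON event per line with the fields ts, instance, user and event.
"""
import json
from collections import Counter, defaultdict

# Constructed sample telemetry (not real data): a few app instances reporting
# runtime detections, one device reported lost, one clean start.
SAMPLE_EVENTS = """
{"ts": 1700000000, "instance": "inst-a1", "user": "u-100", "event": "ROOT_DETECTED"}
{"ts": 1700000005, "instance": "inst-a1", "user": "u-100", "event": "DEBUGGER_ATTACHED"}
{"ts": 1700000010, "instance": "inst-a1", "user": "u-100", "event": "HOOKING_FRAMEWORK"}
{"ts": 1700000011, "instance": "inst-b2", "user": "u-200", "event": "ROOT_DETECTED"}
{"ts": 1700000020, "instance": "inst-c3", "user": "u-300", "event": "DEVICE_REPORTED_LOST"}
{"ts": 1700000021, "instance": "inst-d4", "user": "u-400", "event": "APP_START"}
{"ts": 1700000030, "instance": "inst-b2", "user": "u-200", "event": "REPACKAGED_BINARY"}
"""

# Severity weight per detection type; the values are illustrative assumptions.
SEVERITY = {
    "APP_START": 0,
    "ROOT_DETECTED": 2,
    "DEBUGGER_ATTACHED": 2,
    "HOOKING_FRAMEWORK": 3,
    "REPACKAGED_BINARY": 5,
    "DEVICE_REPORTED_LOST": 0,  # handled by a dedicated rule, not by score
}
BLOCK_THRESHOLD = 5  # cumulative score at which an instance is blocked (assumed)


def parse_events(text):
    """Parse newline-delimited JSON events, skip blank lines, order by time."""
    events = [json.loads(line) for line in text.splitlines() if line.strip()]
    return sorted(events, key=lambda e: e["ts"])


def evaluate(events, threshold=BLOCK_THRESHOLD):
    """Apply governance rules to a batch of events.

    Returns a dict with per-instance actions, per-instance scores, the set of
    users affected by at least one detection, and per-event-type counts.
    """
    scores = defaultdict(int)
    actions = defaultdict(list)
    affected_users = set()
    counts = Counter()
    for ev in events:
        inst, kind = ev["instance"], ev["event"]
        counts[kind] += 1
        if kind == "DEVICE_REPORTED_LOST":
            # Loss or theft: protect the stored data and the account, not the process.
            for act in ("WIPE_DATA", "LOCK_ACCOUNT"):
                if act not in actions[inst]:
                    actions[inst].append(act)
            affected_users.add(ev["user"])
            continue
        weight = SEVERITY.get(kind, 1)  # unknown event types count as low severity
        if weight == 0:
            continue  # benign lifecycle event, nothing to act on
        affected_users.add(ev["user"])
        scores[inst] += weight
        if scores[inst] >= threshold and "BLOCK_INSTANCE" not in actions[inst]:
            actions[inst].append("BLOCK_INSTANCE")
    return {
        "actions": dict(actions),
        "scores": dict(scores),
        "affected_users": affected_users,
        "counts": counts,
    }


def attack_trend(current, previous):
    """Compare per-event-type counts of two windows: 'up', 'down' or 'flat'."""
    trend = {}
    for kind in set(current) | set(previous):
        c, p = current.get(kind, 0), previous.get(kind, 0)
        trend[kind] = "up" if c > p else "down" if c < p else "flat"
    return trend


if __name__ == "__main__":
    result = evaluate(parse_events(SAMPLE_EVENTS))
    for inst, acts in sorted(result["actions"].items()):
        print(f"{inst}: {', '.join(acts)}")
    print("affected users:", sorted(result["affected_users"]))
    # Constructed counts from a previous window, for the trend comparison.
    previous_window = {"ROOT_DETECTED": 1, "HOOKING_FRAMEWORK": 2}
    print(attack_trend(result["counts"], previous_window))
```

The point of separating `evaluate` from the rules' inputs is that the same telemetry feeds both the automated responses (block, wipe, lock) and the governance view (which users are affected, whether a given attack type is rising or falling), which is the visibility the quoted passages argue has been missing from device-only RASP.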
Recover: ability to recover from a cybersecurity incident
The “Recover” pillar focuses on resilience and the ability to quickly recover from a cybersecurity incident. It involves developing and testing recovery plans to ensure minimal disruption to business operations. An efficient recovery process is crucial for business continuity.
In addressing the Recover Pillar of the NIST Cybersecurity Framework, Build38’s approach to mobile application security takes a somewhat different path. While the recovery aspect traditionally plays a more prominent role in cybersecurity, especially for systems handling sensitive business data, Build38 acknowledges the unique landscape of Mobile App security. Here, their focus is not primarily on recovery but on prevention and protection.
Their commitment lies in safeguarding customer data to minimise disruption to users in case of security incidents. In the event of a breach or device loss, Build38’s strategy includes data wiping and account-blocking measures to ensure the utmost security for customers’ sensitive information.
From a business perspective, Build38’s approach aligns with the evolving nature of Mobile Application Security. It recognises that the paramount concern is not just recovering from incidents but preventing them in the first place. By emphasising data protection and swift action to secure user data, Build38 helps businesses maintain a robust security posture while preserving customer trust and confidence. This approach ensures that the impact of security incidents remains minimal, with a proactive stance that prioritises data security and user experience.
Govern: the latest addition to the CSF
The latest addition to the CSF is the “Govern” function. This reflects a significant shift in cybersecurity thinking. It underscores that cybersecurity is not just an IT issue but a critical enterprise risk that should concern senior leadership and board members. The “Govern” function encourages organisations to establish and maintain an effective governance structure that integrates cybersecurity into their overall risk management strategy.
By acknowledging that cybersecurity is a top-level concern, the “Govern” function aligns the CSF with modern cybersecurity practices. It empowers organisations to prioritise cybersecurity at the highest levels of decision-making, ensuring that resources are allocated appropriately to manage and mitigate cybersecurity risks.
Build38’s approach to the Govern Pillar within the NIST framework reflects a forward-thinking perspective on mobile application security. With the introduction of the new governance pillar, they are pioneering a transformative shift in the landscape. Their technical strategy extends visibility and control beyond the application layer, reaching deep into backend systems. By providing a comprehensive platform for Mobile Application Security, Build38 empowers companies to stay ahead in the dynamic cybersecurity landscape.
“Traditionally, and with the original framework, governance has been overlooked when talking about Mobile App Security. The visibility on the attacks happening on the field, the governance of the applications, was largely ignored by existing regulations, but now it’s already changing. For example, with PCI MOC, you must have backend components that allow you to monitor all the applications on the field and define security rules, all with the aim of enabling governability. But in the past, the regulations focused purely or almost exclusively on what happened on the device and did not require this extended visibility and governance of the apps. Luckily, it’s already changing.” – Marc Obrador, Chief Technology Officer, Build38.
From a business perspective, this approach aligns perfectly with the changing regulatory landscape. It ensures regulatory compliance in a landscape marked by evolving standards and stringent requirements. By enhancing governance and management capabilities for mobile applications, Build38 offers organisations the means to effectively safeguard their apps and user data. Moreover, this approach builds trust with stakeholders and customers by demonstrating a commitment to comprehensive security measures that go beyond the surface, ultimately reinforcing their position as a leader in Mobile application security.
The forthcoming update of NIST’s Cybersecurity Framework is a testament to its commitment to adapting to the evolving cybersecurity landscape. By introducing the “govern” function, NIST recognises that cybersecurity is not solely the responsibility of IT departments but a strategic concern that should be integrated into an organisation’s risk management framework. This update will equip organisations with a more robust and adaptable framework to address cybersecurity challenges effectively. In a world where cyber threats continue to grow in sophistication and frequency, NIST’s CSF 2.0 will serve as an invaluable guide, helping organisations protect their assets, their reputation, and their future.
While it’s clear that Build38 has been at the forefront of advocating and implementing the principles of the NIST cybersecurity framework, it’s still early days to quantify the tangible impact it has had on mobile application security and businesses. This article highlighted the significance of the governance pillar, which was overlooked in the past, and now takes centre stage in the evolving landscape of cybersecurity.
Build38’s proactive approach to extending visibility and control to backend systems reflects their commitment to comprehensive mobile application security. The impact of this framework is expected to be felt more prominently in the coming years, particularly through changing regulations.
As for advice on implementation, Build38’s ongoing commitment to pushing the boundaries of Mobile Application security ensures that they are well-prepared to support businesses and developers when the time comes. In the interim, Build38 remains dedicated to fortifying mobile application security and building trust through comprehensive security measures, ultimately safeguarding businesses and users in an ever-evolving cybersecurity landscape.
If you want to learn more about NIST’s Cybersecurity Framework and learn how to elevate your Mobile Application security, get in touch with us here.