GFirst5

GFIRST5: The Five Pillars of Cyber Security: Threat, Vulnerability, Attack & Detection, Mitigation and Reflection. These foundations support the cyber security and incident response community by identifying the core components of incident management. Regardless of what sector you work in, these five pillars provide a framework that must be covered to secure information systems.

The Five Pillars of Cyber Security:

Threat: Collection and analysis of information regarding attacks and/or malware utilized to breach controls in information systems that would otherwise be unavailable to our constituency. Organizations need to understand the threats: who are they, what their intent is, and what capabilities they have. Understanding the threat assists in protecting systems against them and helps organizations prioritize them.

Vulnerability: Providing identification and aggregation of exploitable weaknesses in information systems from an authoritative source. Understanding the vulnerabilities being exploited by attackers is key to planning the release of information and protecting systems. Once the vulnerabilities are understood, they can be prioritized against other vulnerabilities which will assist in determining those that are most important to protect against and mitigate first (i.e. patching). Prioritization allows organizations to release high quality products with the most important, relevant information.

Attack & Detection: Actions used to identify threat activity that exists in a complex, multi-agency, multi-platform environment. Attack & Detection is better implemented once an organization understands the threat and the vulnerabilities being exploited. Once this information is understood, organizations can implement the appropriate detection mechanisms on their systems.

Mitigation: Solutions that contain or resolve risks through analysis of threat activity and vulnerability data which provide timely and accurate responses. Mitigation is the way in which organizations prevent attacks, reduce vulnerabilities and fix systems. Mitigation is sometimes difficult to implement as it is time consuming and tedious, but prioritization coupled with understanding the threats and vulnerabilities assists in forming an effective mitigation strategy.

Reflection: Maturing and developing the defense of critical information systems by compelling or influencing changes in law, regulation, policy, or procedure. Reflection allows organizations to review the threats, vulnerabilities exploited, attacks and overall system posture to implement policy and technology changes that will assist in protecting systems from similar incidents in the future.

Don’t miss your opportunity to hear the latest in cyber security trends and technology plus interact with key industry and government leaders. In an increasingly connected society, building partnerships and strengthening relationships among the incident response and security community are essential to effective response coordination and collaboration – and the 5th Annual GFIRST National Conference is the place to be this summer!