The National of Standards and Technology
The National of Standards and Technology supports the creation of mitigation strategies, practical security goals, operations, and roles that ensure information technology infrastructure for cloud computing is secure. The cybersecurity framework comprises rules, standards, and practices that are utilized for the effective management of cybersecurity. The National of Standards and Technology cybersecurity framework offers directives that support experts in the computer science field and IT in general to create a low-cost model that has set standards and support flexibility to enables a company to achieve its goals and objectives. CSF offers a simple and straightforward model that allows the development of a secure cloud computing system. The image below summarizes the framework under discussion:
The picture above is retrieved from https://www.nist.gov/cyberframework
The structure above has three significant elements, which include the profiles, core, and tiers for implementation. The core offers a set of required cybersecurity operations and results utilizing similar algorithms that are easily understandable. The core of the framework contains rules used for management and reduction of risks in a model that will eliminate all the present risks within the organization. The model implementation tiers enable the understanding of organizations’ view of the network safety risk management. The layers direct the healthcare company to consider the best level of rigor or security purposes. They are utilized as a communication framework for discussion of risk prevalence, cybersecurity expenditure budget, and objectives priorities. The existing profiles are primarily used in the identification and prioritization of opportunities that support the improvement of the system’s cybersecurity. In the healthcare sector, the federal government’s HIPAA issued in the implementation of the confidential, integral, and presentability of healthcare data. Don't use plagiarised sources.Get your custom essay just from $11/page
The image below summarizes the steps in this cybersecurity framework, which includes identification of risks, protection, detection, response, and recovery from any imminent threat.
Retrieved from https://d1.awsstatic.com/whitepapers/compliance/NIST_Cybersecurity_Framework_CSF.pdf
The identification section of the CSF entails six components, which are resources management, governance, business setting, assessment of risk, management methodology, and supply chain tragedy management. The mentioned components are used to enhance the interpretation of system risk management, system capacity, data, people, and assets. The subcategories are explained in the image below:
Retrieved from https://d1.awsstatic.com/whitepapers/compliance/NIST_Cybersecurity_Framework_CSF.pdf
The protection section of the CSF equally entails6 categories that include controlling access, creation of training sessions, data protection. Information security procedures, innovative security technology, and maintenance. The mentioned subcategories are illustrated in the image below:
Retrieved from https://d1.awsstatic.com/whitepapers/compliance/NIST_Cybersecurity_Framework_CSF.pdf
The detection step entails 3 main categories, which include anomalies and occurrences, constant monitoring of security issues, and the procedure for detecting threats. The image below summarizes the three categories under this section:
Retrieved from https://d1.awsstatic.com/whitepapers/compliance/NIST_Cybersecurity_Framework_CSF.pdf
The response section comprises 5 categories, which include response plan, mitigation strategies, communication strategies, cybersecurity analysis, and improvements to be implemented. The image below summarizes the functions under this section of the security plan:
Retrieved from https://d1.awsstatic.com/whitepapers/compliance/NIST_Cybersecurity_Framework_CSF.pdf
The recovery stage of the CSF plan has three categories that entail planning for recovery, communications methodologies, and improvements to be implemented. The image below illustrates the subcategories of this section:
Retrieved from https://d1.awsstatic.com/whitepapers/compliance/NIST_Cybersecurity_Framework_CSF.pdf
The NIST CSF plan above contains elements that will assist in risk management associated with cloud networks and strategies for reporting each case or event. Other ways to increase security in the healthcare network include the installation of network firewalls, installation of intrusion prevention systems, intrusion detection system implementation, and installation of workstation resident antivirus and provision of registration, updating, authentication, and verification procedures.
When the steps above are fully exploited, the healthcare network will be secure. However, the cloud data need to be replicated in data center storage in case of accidental erasure. The imminent threats include unauthorized access, accidental, erasure of crucial data, virus attacks, and other malicious attacks. The actors, in this case, add users, patients, employees, health experts, and other stakeholders.