The Protect Function supports the ability to limit or contain the impact of a potential cybersecurity event.
Appropriate safeguards in place to ensure delivery of critical infrastructure services.
- Protections for Identity Management and Access Control within the organization including physical and remote access
- Empowering staff within the organization through Awareness and Training including role based and privileged user training
- Establishing Data Security protection consistent with the organization’s risk strategy to protect the confidentiality, integrity, and availability of information
- Implementing Information Protection Processes and Procedures to maintain and manage the protections of information systems and assets
- Protecting organizational resources through Maintenance, including remote maintenance, activities
- Managing Protective Technology to ensure the security and resilience of systems and assets are consistent with organizational policies, procedures, and agreements
Benefit to Business
- Provides real protection against threats
- Provides visibility into critical security events
- Correlates data from many sources to identify Patient Zero
- Managed Detection and Response to Security Events
- Human and AI analytics to reduce false positives