The Importance of Using the NIST Cybersecurity Framework
The Importance of Using the NIST Cybersecurity Framework
Preparing Students for the Cybersecurity Challenges of Today and Tomorrow: The Importance of Using the NIST Cybersecurity Framework in Mapping Degree Programs
Written by Dean of Information Assurance and Computer Science Engineering, Dr. Praveena Kommidi
As our world becomes increasingly digitized, cybersecurity threats have become a pressing issue that we cannot ignore. Businesses of all sizes, including universities, must take cybersecurity seriously to protect themselves and their stakeholders. The National Institute of Standards and Technology (NIST) Cybersecurity Framework is a set of guidelines organizations can use to manage and reduce their cybersecurity risks. This article will explore how the NIST cybersecurity framework can be used in mapping degree programs, using examples from the University of Fairfax course catalog.
The NIST Cybersecurity Framework consists of five core functions: Identify, Protect, Detect, Respond, and Recover. These functions provide a structured approach for organizations to manage their cybersecurity risks. The Identify function involves understanding and managing cybersecurity risks to systems, assets, data, and capabilities. The Protect function involves implementing safeguards to ensure the delivery of critical infrastructure services. The Detect function involves developing and implementing appropriate activities to identify cybersecurity events. The Respond function involves developing and implementing appropriate activities to take action in response to a detected cybersecurity event. Finally, the Recover function involves developing and implementing appropriate activities to maintain resilience plans and restore any services that will be impaired due to a cybersecurity event.
At the University of Fairfax, these NIST core functions are incorporated into the curriculum across multiple degree programs. For example, in the Master of Science in Cybersecurity Management program, students take “Risk Management and Assessment” and “Security Controls and Countermeasures,” which align with the Identify and Protect core functions. Likewise, in our future courses the Bachelor of Science in Cybersecurity program, coming soon to the University of Fairfax, students take courses such as “Incident Response and Recovery” and “Cybersecurity Incident Handling,” which align with the Respond and Recover core functions. These courses provide students with the knowledge and skills necessary to manage cybersecurity risks in various settings.
The importance of using the NIST Cybersecurity Framework in mapping degree programs cannot be overstated. As the frequency and severity of cybersecurity threats continue to increase, organizations need employees who can manage these risks effectively. Incorporating the NIST framework into degree programs ensures that students have a solid foundation in cybersecurity risk management and can apply this knowledge in their future careers.
In addition, the NIST Cybersecurity Framework is recognized internationally as a best practice for managing cybersecurity risks. Many industries and government agencies require compliance with the NIST framework, so students who are familiar with the framework are well-prepared to work in these environments. The use of the NIST framework in mapping degree programs can also help universities attract students who are interested in cybersecurity and want to receive a comprehensive education in this field.
In conclusion, the NIST Cybersecurity Framework provides a structured approach for organizations to manage their cybersecurity risks. The University of Fairfax has incorporated the NIST framework into its degree programs to ensure students have a solid foundation in cybersecurity risk management. By doing so, the university is preparing its students for successful careers in various industries and government agencies. As cybersecurity threats evolve, universities must update their curriculums to reflect best practices such as the NIST Cybersecurity Framework.
References:
National Institute of Standards and Technology. (2014). Framework for improving critical infrastructure cybersecurity. Retrieved from https://www.nist.gov/publications/framework-improving-critical-infrastructure-cybersecurity