Control 10 Mapping to the NIST Cybersecurity Framework
9 hours 54 minutes
Hey, everyone, welcome back to the course. So in the last video, we just took a overview of control number 10. So again, that's the data recovery capabilities and this video, we're just going to take a look at how control number 10 maps up to the Miss cybersecurity framework.
So sub control 10.1, ensuring we have got regular automated backups. So again we may be doing different types of backups for maybe do a full backups differential. Backups, Whatever the case, might be your organization. We have specific policies and procedures around the backups, but they definitely need to be automated.
And the other thing I'll mention there is. Make sure you store the backups on different medium. Don't just have him going to one. Uh, let's just say, for example, one cloud provider. You want to make sure that you're storing on different mediums. So that way, if you get hit with, like ransom, where you've always got a backup, you can go to
some control. 10.2 performing complete system backup. So going along the different types of backups we want to make sure we're doing at least full backups. Every so often that's really going to depend on your particular organisations needs
some control. 10.3. We want to test the data on the backup media. Make sure that we've actually got good data on there. Make sure the integrity is maintained. So that maps up to a couple of nous cybersecurity framework items pr ds Dash six n p r i p Dash four
Some controlled 10.4 ensure our backups are protected. Right, So that's where we go into PR DS DS Dash one we're talking about the data at rest is protected to our backups. Are that data at rest?
Some control 10.5 It's during the backups have at least one non continuously addressable destination. I mentioned that earlier ride just a moment of so a moment ago.
We want to make sure that we don't have one single location. The backups are going to want to store them in multiple locations, so we always have a backup to get from.
So this video we just took a very high level overview of how the, uh
control number 10 maps to the new cybersecurity framework
in the next video were to take a look at our *** Data backup and Recovery lab. And it's gonna be very, very short lab. Just want to forewarn you on. That is very simple lab to do. But again, there is a step by step guide you confined in the resource of section of the course for the lab will do in the next video.