CISO2CISO.COM & CYBER SECURITY GROUP

Microsoft 365 and the NIST Cybersecurity Framework

Microsoft 365 and the NIST Cybersecurity Framework

Introduction
Keeping your employees and organization secure without compromising productivity is a challenge.
Microsoft 365 security solutions are designed to help you adhere to industry and government
standards and frameworks that have been developed to simplify security for organizations and provide
insight and guidance for IT pros.
In this document, we have mapped Microsoft 365 security solutions to the National Institute
of Standards and Technology Cybersecurity Framework (NIST CSF). The NIST CSF is a guide for
organizations to manage and reduce cybersecurity risk. Developed through a collaboration
among industry leaders, academics, and government stakeholders, it is a thorough cybersecurity
implementation guide for the United States government, and used by enterprises worldwide. The
most current version of the NIST CSF is the NIST CSF Version 1.1, updated in April 2018.
The CSF is founded on two core NIST documents: the NIST SP 800-53 Rev 4 and the Risk Management
Framework (RMF), which also references the NIST SP 800-53, among others. Each of these documents—
the NIST CSF, the NIST SP 800-53, and the RMF—informs the review process for the Federal Risk
and Authorization Management Program (FedRAMP). FedRAMP is a government-wide program that
provides a standardized approach to security assessment, authorization, and continuous monitoring
for cloud products and services, and is now considered the primary certification process for cloudbased solutions. Mapping your security solutions to the NIST CSF can help you achieve FedRAMP
certification and provide a framework for a holistic security strategy. Although Microsoft isn’t endorsing
this framework—there are other standards for cybersecurity protection—we find it helpful as a baseline
against commonly used scenarios.

Below, we offer guidance to help you best use Microsoft 365 security solutions to address each
category within four NIST CSF core actions: Identify, Protect, Detect, and Respond. Regardless of the
size of your business, this framework will guide you in deploying security solutions that are right for
your organization.


This guide will help you get started with your Microsoft 365 security solutions, explain how these
products work together in the greater enterprise environment, and provide insight into the most
effective security scenarios you can enable for your organization.

Microsoft-365-and-NIST-Cybersecurity-FrameworkDescarga
Facebook
Twitter
LinkedIn
Pinterest
admin

admin

All Posts »

Leave a Reply

Your email address will not be published. Required fields are marked *

Top Recommended Posts

DevOps Tools and Insfrastructure Under Attack by Wallarm
DevOps Tools and Insfrastructure Under Attack by Wallarm
ISACA Ransomware Incident Management Quick Reference Guide
ISACA Ransomware Incident Management Quick Reference Guide
Undestanding the Open Cybersecurity Schema Framework by Paul Agbabian.
Undestanding the Open Cybersecurity Schema Framework by Paul Agbabian.
Data Loss Prevention from on-premises to cloud by Microsoft Security
Data Loss Prevention from on-premises to cloud by Microsoft Security
Dev.Sec.Ops. – Protecting the Modern Software Factory by GitGuardian
Dev.Sec.Ops. – Protecting the Modern Software Factory by GitGuardian
CIS Software Supply Chain Security Guide by Center for Internet Security (CIS)
CIS Software Supply Chain Security Guide by Center for Internet Security (CIS)
GUIDE TO EFFECTIVE RISK MANAGEMENT 3.0 – ALEX SIDORENKO – ELENA DEMIDENKO
GUIDE TO EFFECTIVE RISK MANAGEMENT 3.0 – ALEX SIDORENKO – ELENA DEMIDENKO
Ransomware Investigation (OSINT & HUNTING) Overview PT1 by Joas Antonio
Ransomware Investigation (OSINT & HUNTING) Overview PT1 by Joas Antonio
CYBERSECURITY 101 – A Resource Guide for Financial Sector Executives by John W. Ryan
CYBERSECURITY 101 – A Resource Guide for Financial Sector Executives by John W. Ryan
ChatGPT Security Risks -A Guide for Cyber Security Professionals by Cybertalk.org
ChatGPT Security Risks -A Guide for Cyber Security Professionals by Cybertalk.org