The NIST ‘Identify’ Domain – The Foundation of Cybersecurity

This blog addresses an important part of cyber security: the NIST Cybersecurity Framework. This framework has five domains, each addressing a different aspect of cyber security. Let’s start at the beginning with the first domain: ‘Identify’ and the 5 main sub-topics within this domain: Asset Management, Risk Management, Supply Chain Management, Data Classification, and Cyber security Roles and Responsibilities. These topics form the foundation from which you build all your cyber security measures. If you get this right you’re well on your way to protecting your organization.
Asset management: knowing what you’ve got
Asset Management is all about knowing what you’ve got. Think of every device, system, software, and bit of data your company uses. It’s the first step in the ‘Identify’ domain for a reason. It’s tough to protect something if you don’t even know it’s there. Just like when you do a big spring clean, you need to know what’s in your house before deciding what’s important and what can go. Keeping an inventory helps you figure out which assets are most critical and need the most protection. It also helps avoid surprises when something goes wrong.
4 tips for successful Asset Management:
- Take a full inventory: Start with a detailed list of all physical and digital assets. Automated tools can make this less labor-intensive, which makes keeping your inventory up-to-date easier.
- Categorize Your Assets: Classify assets based on their importance to your business and their risk sensitivity.
- Keep your inventory up-to-date: Run new scans and audits regularly, especially after major changes or purchases.
- Label your assets: Use labels or barcodes to easily identify and track your assets.

Risk Management: Detect problems before they happen
Once you know what your assets are, you need to think about risks. Risk Management is about identifying and understanding the potential threats to your assets. Get creative with “what if” scenarios. Ask questions like: What if there’s a data breach? What if a critical server crashes? A good risk management strategy prepares you for the unexpected and minimizes the impact of potential incidents.
How do you successfully apply Risk Management?
- Perform regular Risk Assessments: Analyze your systems and processes regularly to identify and prioritize risks.
- Use a Risk Management Framework: Implement a structured framework, like NIST, COSO or ISO 27001, to manage your risks.
- Involve the entire organization: Make risk management an organization-wide responsibility, instead of leaving it to the IT department.
- Develop Incident Response Plans: Create and practice incident response plans so you can react quickly to security incidents.
- Stay on top of new threats: Keep yourself and your team constantly updated on the latest threats and developments in the cyber security world.
Supply Chain Management: keeping an eye on your partners
Your cyber resilience is only as strong as your weakest link, and we’ve become increasingly connected and dependent on our connections with others. To properly protect yourself, you must strengthen all links. This includes suppliers and partners. Supply Chain Management means paying attention to the cybersecurity measures and resilience of your suppliers and partners. It’s about knowing who has access to your data and systems and ensuring they follow the same strict security measures as you do. This helps prevent security issues outside your direct control.
5 Tips for Effective Supply Chain Management:
- Screen your suppliers: Do your research before adding a new supplier.
- Set clear requirements: Clearly state the security measures you expect from your suppliers and formalize them in contracts.
- Continuous monitoring: Continue to keep an eye on your suppliers’ cyber security practices.
- Regular Communication: Maintain open and regular communication with your suppliers about security expectations and updates.
- Conduct Audits: Schedule periodic audits of your most critical suppliers to ensure they continue to meet your requirements.
Data Classification: knowing what needs protection
Not all data is created equal. Data Classification is about organizing your data based on sensitivity and importance to the business. The classification is based on the confidentiality and sensitivity of the information. In essence, it comes down to how much impact an incident involving the confidentiality, integrity or availability of this information has on the organization. Personal customer data, for example, needs more protection than a picture of a company outing. By properly classifying your data, you ensure that you provide the right protection where it’s most needed.
How to effectively implement Data Classification:
- Define classification levels: Establish clear categories for your data, such as public, internal, confidential and strictly confidential.
- Use labels: Label your data automatically based on its classification to reduce manual errors.
- Implement access control: Limit access to sensitive data to only those employees who really need it. Also monitor how this information is used and disseminated (DLP).
- Keep the Policy Up-to-Date: Regularly review and update the data classification policy to keep up with new threats and be able to take appropriate action.
Cybersecurity Roles and Responsibilities: Who Does What?
A strong cybersecurity strategy isn’t just about technology; it’s also about people. Cybersecurity involves everyone in the organization. It’s crucial to define clear roles and responsibilities so everyone knows what’s expected of them. From the IT department to the executive team, everyone has a role to play. Clear responsibilities ensure no confusion about who does what during an incident.
How do you make clear what the cybersecurity roles and responsibilities are within your organization?
- Define Roles and Responsibilities: Make a list of who is responsible for which aspects of cybersecurity. Include these roles and responsibilities in employees’ job descriptions.
- Communicate clearly: Make sure everyone understands what responsibilities they have and why.
- Training and awareness: Offer regular training to make employees aware of their role in security. Ensure management is involved and supports cybersecurity so the whole team sees the importance.
- Evaluate and Improve: Regularly evaluate your cybersecurity roles and responsibilities to keep them relevant and effective.
In short…
The “Identify” domain of the NIST Cybersecurity Framework is like building a solid foundation for a house. Without it, everything you build runs the risk of collapsing. By focusing on Asset Management, Risk Management, Supply Chain Management, Data Classification, and Cybersecurity Roles and Responsibilities, you lay the foundation for a strong and resilient cybersecurity stance. Having these things in order increases the organization’s cyber resilience, making you more resistant to incidents.
If you need advice or help with implementing the ‘Identify’ domain in your organization, feel free to reach out. We at OpenSight are happy to help!
OpenSight Back To School Series
During the OpenSight Back To School Series, we publish weekly blogs diving deeper into the five NIST Security Domains:
By implementing the measures associated with these domains, you can reduce the likelihood of cyber attacks and the impact of potential incidents.