Cyber resilience is a critical priority for all organizations, especially those in the U.S. public sector. It is more urgent than ever for ensuring that these organizations can deliver on their mission and sustain business performance.
Cyber resilience refers to an organization’s ability to prepare for, prevent, respond to, and recover from cyber incidents.
Government agencies and other organizations need a robust cybersecurity framework and effective enterprise tools to achieve this. The NIST Cybersecurity Framework (CSF) 2.0, released in February 2024, combined with Splunk and the Cisco Security Portfolio, provides a comprehensive approach to strengthening the cyber resilience of government agencies, critical industry players, and digitally dependent organizations. As we say, every organization has infrastructure that is critical to its mission and business success.
NIST Cybersecurity Framework 2.0 Key
Developed with input from 100 countries and thousands of experts, the National Institute of Standards and Technology (NIST) Cybersecurity Framework 2.0 provides a systematic approach, guidance, implementation examples, and best practices to more effectively manage and mitigate cybersecurity risks. The power of the NIST Cybersecurity Framework has always been its ability to help organizations prioritize the adoption of a flexible, repeatable, and outcome-based approach to identifying, assessing, and managing cyber risks. Additionally, the approach is highly adaptable to all potential critical infrastructure areas, including information technology (IT), operational technology (OT), the Internet of Things (IoT), the Industrial Internet of Things (IIoT), facility-related control systems (FRCS), and cyber-physical systems (CPS). Most importantly, the approach can be tailored to each organization’s capabilities, resources, mission, and business needs to better manage cyber risks.
These capabilities, which can be tailored to each organization’s risk tolerance and mission and business requirements, are enhanced in Version 2.0 with a broad set of implementation examples that make it easier for organizations to assess and improve their cybersecurity practices and maturity levels. These implementation examples align with the six core capabilities (see Table 1: NIST Cybersecurity Framework 2.0 Core Capabilities Overview) at the heart of the framework and the 22 supporting categories.
Cross-architecture enterprise mission resilience
Critical to ensuring mission and business resilience is identifying high-value assets (HVAs), information systems, and information that are critical to the organization. Loss of access to these systems, or the loss or corruption of this information and/or data, would have a significant negative impact on the organization’s ability to perform its mission or business. To optimize enterprise mission resilience, each organization must understand the dependencies and cross-domain interdependencies of these mission-critical assets and processes that are used to achieve mission and business success.
Effective enterprise critical infrastructure resiliency requires cross-architecture visibility, orchestration, and integration across the enterprise to ensure successful mission and business outcomes. Cisco’s security portfolio and Splunk’s AI-driven observability platform are aligned to deliver these capabilities across HVA systems and processes within the enterprise mission domain.
Providing superior cyber and operational resilience
Cisco’s recent acquisition and integration of Splunk has strengthened our solution and its ability not only to address the 11 technical CSF 2.0 categories, but also to provide data-driven and data-enabled insights that are critical to optimizing the majority of the remaining 11 non-technical category policies and actions. Cisco believes that the ability to provide shared, data-driven synergies across technical and non-technical CSF categories enhances both mission-critical resilience and the ability of each organization to achieve its desired mission and business outcomes.
Cisco’s perspective on the required capabilities is as follows:
Better security
This is possible through stronger Splunk integrations with Cisco Identity Services Engine (ISE), Secure Network Analytics (SNA), Next-Generation Firewalls (NGFW), and by integrating comprehensive threat intelligence from Cisco Talos into Splunk.
This integration enables organizations of all sizes to leverage cloud, network, and endpoint traffic for unparalleled visibility and a more comprehensive security solution for governance, identification, threat prevention and protection, detection, response, remediation, and incident investigation.
Better observability
Integrating Splunk’s industry-leading data platform enhances proactive troubleshooting in application and infrastructure monitoring, and seamlessly automates and orchestrates solutions across on-premises and multi-cloud environments.
This full-stack observability and optimization approach improves your organization’s digital experiences across hybrid multi-cloud environments, enhancing your mission and business outcomes.
Better networking
Cisco’s network assurance capabilities, integrated with Splunk’s data platform, converge networking, security, and observability data into a unified view of network stability and threat intelligence to prevent disruptions while proactively protecting network performance and operations.
This integration also accelerates the evolution of powerful AI network capabilities that automate, orchestrate, optimize, and secure network performance delivered over intelligent, resilient, continuously evolving, and optimized network infrastructure.
Other Key Cisco/Splunk Integration Benefits
- Our open and extensible portfolio of solutions is tightly integrated yet loosely coupled, supporting multi-vendor environments and protecting existing IT investments. This is also supported by our extensive use, support and contribution to open source activities such as ClamAV, Snort, OpenTelemetry, Kubernetes, Cilium (eBPF) and more.
- Empowers DevOps, AppOps, InfraOps, NetOps, SecOps, and engineering teams to collaborate more effectively using shared data and context across enterprise domains.
- Cisco and Splunk’s platform approach helps customers more effectively integrate and consolidate existing point investments and tools, reducing costs, eliminating seams, and delivering greater enterprise resilience.
The new Cisco will continue to help government agencies and other organizations achieve greater cyber and operational resilience across their mission-critical infrastructure.
Next Steps
For more information, see the related links below.