In today’s digital landscape, cybersecurity is a top priority for businesses of all sizes. One of the most effective ways to enhance security is by following the NIST Cybersecurity Framework, which outlines key pillars for a robust cybersecurity strategy. In this article, we focus on pillar number two: Protect—which emphasizes securing applications, users, data, and endpoints to prevent cyber threats.
1. Application Management: Controlling Access
Managing application access is a critical step in protecting an organization’s digital assets. Businesses must ensure that only authorized users can access specific applications and systems. A best practice is to integrate applications with Active Directory (AD) or a similar identity management system. This approach allows organizations to:
- Restrict access to applications based on job roles (e.g., accountants accessing financial tools, warehouse workers accessing logistics software).
- Set time-based access restrictions to limit when users can access systems.
- Simplify offboarding by revoking access instantly when an employee leaves, reducing security risks.
Without proper application management, organizations risk unauthorized access, which could lead to data breaches, insider threats, or operational disruptions.
2. Strengthening Password Security and Multi-Factor Authentication
Weak passwords remain a major vulnerability in cybersecurity. Organizations should enforce strong password policies, requiring complex combinations of characters, numbers, and symbols. However, passwords alone are no longer sufficient. Multi-Factor Authentication (MFA) significantly reduces the risk of unauthorized access.
According to Microsoft, 99% of botnet attacks could be prevented with MFA. Implementing MFA ensures that even if a password is compromised, an additional authentication step—such as a text message code, biometric verification, or authentication app—is required to gain access.
3. Data Protection: Limiting Access and Encrypting Information
Data security is crucial for preventing leaks, breaches, and unauthorized modifications. Organizations should adopt the principle of least privilege, ensuring that employees can only access the data necessary for their roles. For example:
- Restrict access: Accountants should not have access to shipping data, and warehouse staff should not access financial records.
- Encrypt data at rest and in transit: Encryption ensures that even if data is stolen, it remains unreadable without decryption keys.
- Regular backups: Keeping secure backups protects against ransomware attacks and accidental data loss.
4. Endpoint Security: Protecting Devices from Cyber Threats
Endpoints—such as computers, mobile devices, and servers—are common entry points for cyberattacks. Organizations should take the following steps to secure endpoints:
- Keep operating systems and software updated to patch vulnerabilities.
- Use advanced endpoint protection, such as antivirus, anti-malware, and next-generation security solutions.
- Implement application whitelisting to prevent unauthorized software from running.
Traditional antivirus software is no longer enough, as many cyberattacks now exploit built-in system tools, such as PowerShell and command prompts, to execute malicious commands. To combat this, advanced security tools like PC Matic’s application whitelisting technology help detect and block suspicious activities before they escalate into full-scale breaches.
5. Industrial and Manufacturing Cybersecurity: Creating a Virtual Air Gap
Cybersecurity in industrial and manufacturing environments presents unique challenges. Many production systems run on outdated hardware that cannot support modern security software. The best solution is to create a virtual air gap using a next-generation firewall that separates the business network from the production environment.
A firewall with user- and application-aware controls can prevent unauthorized access while allowing necessary data exchanges. Organizations can also use an industrial DMZ (Demilitarized Zone) to provide a secure middle ground where specific systems can communicate without exposing the entire network to cyber risks.
Final Thoughts: Taking Action to Protect Your Business
Cyber threats continue to evolve, making proactive protection essential for all businesses. By implementing the Protect pillar of the NIST Cybersecurity Framework, organizations can significantly reduce their exposure to cyber risks. Key takeaways include:
- Managing application access through centralized identity systems.
- Enforcing strong password policies and enabling Multi-Factor Authentication.
- Restricting and encrypting sensitive data.
- Deploying advanced endpoint protection to prevent sophisticated attacks.
- Securing industrial environments with firewalls and network segmentation.
Investing in these protective measures today can help businesses avoid costly cyber incidents and maintain operational resilience in an increasingly digital world.
About the Author:
Kip Kirchberg is an international cybersecurity expert with extensive experience in building and leading cybersecurity teams, as well as collaborating with Fortune 500 organizations to enhance their security posture.
His expertise includes, but is not limited to:
- Developing and implementing SIEM platforms
- Endpoint security solutions
- Managing third-party remote access securely
- Securing industrial control systems (ICS)
- Deploying and optimizing next-generation firewalls
- Assisting organizations in identifying cybersecurity risks
- Generating actionable reports that drive informed security decisions
- Building and maintaining incident response teams
- Drafting and adopting corporate cybersecurity governance policies
- Conducting internal and external penetration testing
With a proven track record in cybersecurity strategy and risk management, Kip is dedicated to helping organizations proactively defend against evolving cyber threats.
