The National Institute of Standards and Technology — a laboratory and nonregulatory federal agency within the U.S. Department of Commerce and a leading organization in developing cybersecurity guidance — provides a framework of standards, controls, and guidance on best practices for managing and securing information systems.5 The agency notes that organizations must select and implement appropriate security and privacy controls to address their own sets of risks.6
As shown in Figure 1, this cybersecurity framework defines five categories: identify, protect, detect, respond, and recover. Denver International Airport’s Network Operations Center and its Security Operations Center are involved in each of these steps. The airport’s cybersecurity program continues to improve with the ongoing development of security controls implemented and maintained by these two teams.
The National Institute of Standards and Technology recommends key considerations for improving the effectiveness of a network operations center.
The federal agency says managing risk is “a complex, multifaceted undertaking.” Therefore, it is critical for a network operations center to:
- Define a security strategy.
- Obtain quality information systems that provide trustworthy, accurate information.
- Adhere to the best practices of asset management.
- Integrate security into its systems.
- Document these efforts.
- Monitor security controls to ensure they operate effectively.
By following the federal guidance, the airport’s Network Operations Center will continue to effectively identify risk, protect the organization, detect security events, respond in a timely manner, and recover assets back to operational status when services are disrupted.