The components of the cybersecurity lifecycle are Identify, Protect, Detect, Respond, and Recover. These five parts are represented in the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF). The Framework core discusses these five functions and asserts they are intended to be understood by all appropriate parties, from executives to line level IT.
The proactive stance is understood from identifying threats and countermeasures. The protect function could be the implementing the safeguards such as anti-virus and firewalls. I would also include some of the controls/subcontrols of the advanced frameworks. Detect is crucial to monitor for malicious activity on the system and allow for an early warning and take the necessary steps to defeat the threats. To sustain the network, it is important to have Respond and Recover implemented and up to date with industry standards. It is not good enough to simply monitor for threats. Cybersecurity is better served with a strong response to protect the network further and recover the system integrity. For me, the concept of a lifecycle means a regular review of the system and apply a give and take relationship to the cycle. If a new threat is identified a new protection is developed. If a new detection system is designed it could change the respond category. A proficient lifecycle is flexible with cohesive functions.
Using the CSF Core becomes more effective when combined with the Profile and Tier implementation. It should be a continuous process with consistent updates and adaption. The threats are ever changing and react to our security lifecycle to develop their lifecycle.
NIST. (2018). Framework for Improving Critical Infrastructure Cybersecurity. Retrieved from https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04162018.pdf