We understand that cybersecurity should be a business enabler, not a roadblock. At Optic Cyber Solutions, we apply cybersecurity as a lens on top of business priorities to help organizations manage risks and protect their critical information and resources.
Great job! Wish you had a list of the security requirement questions. The SSP on the NIST portal is still using rev2 template. Looking to see when rev3 SSP template will come out.
Hello! We have an updated Rev3 SSP template on our Resources page under the NIST SP 800-171 section here: www.opticcyber.com/resources.html Hope this helps!
Lol, what a luck I have today , that I find You. You explain this very well. In my life upgrade I was not wishing any more than Your YT Video. Fantastic.. :)
Hello, I apologize for the issues! Please try this link: 43828014.hs-sites.com/nist-cybersecurity-framework-2.0-do-i-measure-up It will take you to Hubspot, but should not require any sort of administrator's login.
My go to for NIST CSF knowledge in plain language. Since you asked in your video about potential future topics : - )..curious if you were familiar with the NIST CSF Financial Services Sector profile ("CRI Profile")?
Thanks! That's a great idea - I have some familiarity with the CRI Profile but haven't gotten to dig into the 2.0 update yet. I'll have to add that to my list!
While NIST doesn't provide "certification" criteria for the CSF, there are companies that provide training for individual certifications as well as others that conduct CSF program assessments. Optic Cyber Solutions would be happy to conduct a CSF assessment of your cybersecurity program - please reach to Info@OpticCyber.com for more information!
There are many Governance, Risk, and Compliance (GRC) tools that track cybersecurity governance against the CSF to help ensure you have appropriate coverage for the CSF. Additionally, they provide processes for helping align business risk to the CSF enabling you to ‘right-size’ your capabilities to properly manage risk. Additionally, CSF Profiles are a great way tool to help implement the CSF.
Looking from a preventative point of view, a few of the Subcategories that we typically consider when developing vulnerability management programs include: GV.PO-02 to establish the policy and plan, ID.RA-01 to identify vulnerabilities, ID.RA-05 to priorities them for remediation, ID-RA-06 to manage them, ID.IM-04 to plan for addressing exploited vulnerabilities, and PR.PS-02 to enable routine patching.
The Cybersecurity Framework v1.1 has been archived on NIST's website now that v2.0 has been released. NIST is recommending that companies use v2.0 moving forward; however, since the CSF isn't a compliance standard v1.1 can still be used if desired.
The CSF is intended to be flexible for companies to implement in a way that works best for them. Therefore, you could choose to tailor the new Govern Function out; however, this area was expanded to emphasize the need for having a cybersecurity strategy to help manage cybersecurity risk and drive cyber resilience.
Are there subcategories that carry overt from 1.0? For example, in every list they've published, under Identify's Risk assessment it goes ID.RA-01, 02, 03, 04, and 05 then skips to ID.RA-07. Does this mean that the ID.RA-06 remains unchanged?
They haven't published a detailed mapping of how the Subcategories were moved around, but if you check out the Discussion Draft released last April, it will give you a starting point since it does include that level of detail (www.nist.gov/system/files/documents/2023/04/24/NIST%20Cybersecurity%20Framework%202.0%20Core%20Discussion%20Draft%204-2023%20final.pdf). In the example you provided, ID.RA-06 is still included in the updated CSF 2.0, but has had some wording changes to expand it's outcome.
Hello madam,I'm from srilanka in srilanka my life alone life with sounds in my ears both face no ears unknown human body machines user in srilanka follow me to put sounds in my ears in srilanka famous people enter my family life and put sounds in my ears in my room president ranil wikrmasinha?Singer amal perera?Singer justin Beiber ?Singer thushara sadakalum?Singer romesh sugathapala?only mind brain use find my ears and body daily find no action actress teena shanell,singer hector dias,singer Ashan fernando,actress sandani fernando,singer samitha mudunkotuwa, singer piyal perera Himasha hasanthika 1999.02.16
