NIST CSF 2.0 supersedes CAT for FFIEC cybersecurity compliance. Don't get caught out this August.


The FFIEC is retiring its Cybersecurity Assessment Tool (CAT) by August 31, 2025, and recommends that financial institutions transition to the NIST Cybersecurity Framework 2.0 (CSF 2.0) as an alternative. This shift is driven by the need for more up-to-date and comprehensive cybersecurity frameworks as threats evolve. Time is running out for supervised financial institutions to transition to deploying and assessing cybersecurity according to NIST CSF 2.0.

Why the change?

The FFIEC determined that the CAT, while helpful, wasn't being updated to reflect newer government resources like NIST CSF 2.0 and CISA's (U.S. Department of Homeland Security's Cybersecurity and


Introduction to AI in Business - The 5th Industrial Revolution (Session 3)

"Introduction to AI in Business - The 5th Industrial Revolution" is a 3-part series presented by Certified Information Security's founding Principal and content author, Allen Keele. Understand the critical aspects of AI accountability, safety, and risk management in business settings. Discover key frameworks such as ISO 42001 AI Management Systems, ISO 23894 AI Risk Management, and NIST AI Risk Management Framework 1.0. Uncover the compliance mandates of the EU AI Act of 2024. Explore other sessions in this 3-part series:


Session 1 - Embark on a journey through the basics of AI in simple terms. Dive into the 2025 AI trends and

Introduction to AI in Business - The 5th Industrial Revolution (Session 2)

"Introduction to AI in Business - The 5th Industrial Revolution" is a 3-part series presented by Certified Information Security's founding Principal and content author, Allen Keele. Delve into the reasons behind organizations incorporating AI and its practical applications across various industries like healthcare, retail, services, manufacturing, quality management, and supply-chain management.

Explore other sessions in this 3-part series:

  • Session 1 - Embark on a journey through the basics of AI in simple terms. Dive into the 2025 AI trends and its integration into business operations, all supported by well-recognized and reputable sources.
  • Session 3: Understand the critical aspects of AI accountability, safety,

Introduction to AI in Business - The 5th Industrial Revolution (Session 1)

"Introduction to AI in Business - The 5th Industrial Revolution" is a 3-part series presented by Certified Information Security's founding Principal and content author, Allen Keele:

Session 1 (This session) - Embark on a journey through the basics of AI in simple terms. Dive into the 2025 AI trends and its integration into business operations, all supported by well-recognized and reputable sources.

Explore the follow-on sessions in this 3-part series:

Session 2: Delve into the reasons behind organizations incorporating AI and its practical applications across various industries like healthcare, retail, services, manufacturing, quality management, and supply-chain management.

Session 3: Understand

NIST’s 5 Steps to initiate and/or integrate NIST Cybersecurity Framework 2.0 at your organization

This video features Allen Keele, a principal and lead instructor at Certified Information Security, who outlines the five steps recommended by NIST to initiate or integrate the NIST Cybersecurity Framework 2.0 into an organization's cybersecurity program. He emphasizes the importance of understanding the organization's current cybersecurity state and NIST CSF 2.0's target goals. 

The video also discusses the maturity scale levels provided by the Cybersecurity and Infrastructure Security Agency (CISA) for assessing conformance, ranging from planned to managed, measured, and defined. Additionally, Keele explains the hierarchical structure of NCSF 2.0, which includes six functions, 22 major project categories, and 106


Certified NIST AI RMF 1.0 Architect Training: Introduction, Part 1/4


Certified NIST AI RMF 1.0 Architect Training: Introduction, Part 3/4

Transcript

Welcome to Certified Information Security's training and certification program for the Certified NIST Artificial Intelligence Risk Management Framework 1.0 Architect. This is the third part of four of the introduction to the training and certification program. I'm Allen Keele. Thanks for joining me. So you've heard me talk about the AI risk management life cycle. Well, we need to go ahead and get a basic understanding of that, so that way we can see, as we look through the core with our four core functions, where those play out in the AI life cycle. We'll begin with looking at


Certified NIST AI RMF 1.0 Architect Training: Introduction, Part 2/4

Transcript

Welcome to Certified Information Security's training and certification program for the Certified NIST Artificial Intelligence Risk Management Framework 1.0 Architect. This is the second part of four for the introduction to this training and certification program. I'm Allen Keele. Thanks for joining me. So now that we have an understanding of the intent of these risk management frameworks and how they are to be used to help organizations like ours to better, more effectively manage AI risk, let's take a look at what we're up against when it comes to managing AI risk. We're going to look at setting the


Certified NIST AI RMF 1.0 Architect Training: Introduction, Part 4/4

Transcript

Welcome to the Certified Information Security training and certification program for the Certified NIST Artificial Intelligence Risk Management Framework 1.0 Architect. This is the final and 4th part of four of the introduction to the training and certification program. I'm Allen Keele. Thanks for joining me. You may remember from my general introduction to AI that I provided in a previous presentation that one of our overall issues at hand with artificial intelligence is trying to achieve trustworthiness: trustworthiness that the system is going to be accurate, trustworthiness that it's not going to harm, trustworthiness that it's going to


MYTH: The Board and C-Suite have no role in Cybersecurity

Transcript

Hi, my name is Allen Keele. I'm a Principal with Certified Information Security, and today I would like to bust a myth that the Board and C-Suite have no role in cybersecurity. At least that's what I seem to run into an awful lot.

So the reality is that cyber risk is pervasive throughout the enterprise. Wherever Internet technology exists, not just in the server room, meaning that operations, technology, and Internet of Things, any device that we use within our organization that has Internet connectivity in some way is essentially a cyber risk entry point. So expecting that
