NIST’s 5 Steps to initiate and/or integrate NIST Cybersecurity Framework 2.0 at your organization
This video features Allen Keele, a principal and lead instructor at Certified Information Security, who outlines the five steps recommended by NIST to initiate or integrate the NIST Cybersecurity Framework 2.0 into an organization's cybersecurity program. He emphasizes the importance of understanding the organization's current cybersecurity state and NIST CSF 2.0's target goals.
The video also discusses the maturity scale levels provided by the Cybersecurity and Infrastructure Security Agency (CISA) for assessing conformance, ranging from planned to managed, measured, and defined. Additionally, Keele explains the hierarchical structure of NCSF 2.0, which includes six functions, 22 major project categories, and 106 subcategories with 363 recommended implementation tasks. He provides insights into assigning roles and responsibilities, creating a RACI matrix, and assessing the completion maturity of actions.
- 00:00 Introduction to NIST CSF 2.0
  - Allen Keele introduces the NIST Cybersecurity Framework 2.0
  - Outlines the five steps for integrating the framework into an organization
  - Emphasizes scoping and gathering information as initial steps
- 02:08 Understanding Maturity Scale Levels
  - Explains the maturity scale levels for assessing conformance
  - Describes the range from planned to managed, measured, and defined
  - Highlights the importance of assigning tasks to the right people
- 02:36 Structure of NIST CSF 2.0
  - Breaks down the framework into functions, categories, and subcategories
  - Discusses the 106 subcategories and 363 recommended implementation tasks
  - Stresses the need for clear objectives and control objectives
- 09:22 Assigning Roles and Responsibilities
  - Guides on creating a RACI matrix for roles and responsibilities
  - Provides a detailed explanation of the RACI matrix components
  - Discusses the importance of documenting and measuring performance
- 09:30 Screen demonstration of using the CIS NIST Cybersecurity Framework 2.0 Roles and Responsibilities RACI Matrix & CSF 2.0 Profile Audit Tool
Copyright
© 2024 Certified Information Security