Cargando…
NIST cybersecurity framework : a pocket guide /
The NIST CSF is a framework for organizations to manage and mitigate cybersecurity risk based on existing standards, guidelines, and practices.
| Clasificación: | Libro Electrónico |
|---|---|
| Autor principal: | |
| Formato: | Electrónico eBook |
| Idioma: | Inglés |
| Publicado: |
Ely, Cambridgeshire, United Kingdom :
IT Governance Publishing,
2018.
|
| Temas: | |
| Acceso en línea: | Texto completo |
Tabla de Contenidos:
- Cover; Title; Copyright; About the Author; Contents; Introduction; The growing digital ecosystem; Federal responses; Past cyber incidents; The NIST Cybersecurity Framework; Chapter 1: Aims of the Framework; Relevant factors and variables; Implementation benefits; Structure; Chapter 2: Framework core; Functions; Identify; Protect, detect, and respond; Recover; Categories; Subcategories; Informative references; ISO 27001; COBIT; NIST SP 800-53; ISA 62443; CIS CSC; How the core elements interact; Implementation
- risk management; Methodologies; Risk responses; NIST's Risk Management Framework
- Chapter 3: Framework profilesCurrent profile; Target profile; How the two profiles interact; Chapter 4: Framework implementation tiers; How to view the tiers; Risk management aspects; Risk management processes; Integrated risk management program; External participation; Tier 1: Partial; Tier 2: Risk-informed; Tier 3: Repeatable; Tier 4: Adaptive; How the tiers, profiles, and core interact; Chapter 5: Implementing the Framework; Step 1: Determine objectives, priorities, and scope; Step 2: Identify assets and risks; Step 3: Create a current profile; Step 4: Conduct a risk assessment
- Step 5: Create a target profileStep 6: Perform a gap analysis; Step 7: Implement the action plan; Continual improvement; Decision-making and implementation responsibilities; Chapter 6: Alignment with other frameworks; ISO 27001; ISO 22301; Combining ISO 27001 and ISO 22301; Appendix: Key changes from Version 1.0 to 1.1; Glossary; Further reading