NIST Cybersecurity Framework (paperback)
Paperback (Paperback / softback)
Number of pages
IT Governance Publishing
2 Illustrations
180 x 111 x 2 mm
77 g
Number of components
57:B&W 4.37 x 7 in or 178 x 111 mm Perfect Bound on White w/Gloss Lam

NIST Cybersecurity Framework

A pocket guide

Paperback, English, 2018-09-20
This pocket guide serves as an introduction to the National Institute of Standards and Technology (NIST) and to its Cybersecurity Framework (CSF). This is a US focused product.

Now more than ever, organizations need to have a strong and flexible cybersecurity strategy in place in order to both protect themselves and be able to continue business in the event of a successful attack. The NIST CSF is a framework for organizations to manage and mitigate cybersecurity risk based on existing standards, guidelines, and practices.

With this pocket guide you can:

- Adapt the CSF for organizations of any size to implement
- Establish an entirely new cybersecurity program, improve an existing one, or simply provide an opportunity to review your cybersecurity practices
- Break down the CSF and understand how other frameworks, such as ISO 27001 and ISO 22301, can integrate into your cybersecurity framework

By implementing the CSF in accordance with their needs, organizations can manage cybersecurity risks in the most cost-effective way possible, maximizing the return on investment in the organization's security. This pocket guide also aims to help you take a structured, sensible, risk-based approach to cybersecurity.

Other information

Alan Calder is a leading author on IT governance and information security issues. He is the CEO of GRC International Group plc, the AIM-listed company that owns IT Governance Ltd. Alan is an acknowledged international cyber security guru. He has been involved in the development of a wide range of information security management training courses that have been accredited by the International Board for IT Governance Qualifications (IBITGQ). He is a frequent media commentator on information security and IT governance issues, and has contributed articles and expert comment to a wide range of trade, national and online news outlets.


Introduction
  The growing digital ecosystem
  Federal responses
  Past cyber incidents
  The NIST Cybersecurity Framework

Chapter 1: Aims of the Framework
  Relevant factors and variables
  Implementation benefits
  Structure

Chapter 2: Framework core
  Functions
  Identify
  Protect, detect, and respond
  Recover
  Categories
  Subcategories
  Informative references
  ISO 27001
  COBIT
  NIST SP 800-53
  ISA 62443
  CIS CSC
  How the core elements interact
  Implementation – risk management
  Methodologies
  Risk responses
  NIST’s risk management framework

Chapter 3: Framework profiles
  Current profile
  Target profile
  How the two profiles interact

Chapter 4: Framework implementation tiers
  How to view the tiers
  Risk management aspects
  Risk management processes
  Integrated risk management program
  External participation
  Tier 1: partial
  Tier 2: risk-informed
  Tier 3: repeatable
  Tier 4: adaptive
  How the tiers, profiles, and core interact

Chapter 5: Implementing the Framework
  Step 1: determine objectives, priorities, and scope
  Step 2: identify assets and risks
  Step 3: create a current profile
  Step 4: conduct a risk assessment
  Step 5: create a target profile
  Step 6: perform a gap analysis
  Step 7: implement the action plan
  Continual improvement
  Decision-making and implementation responsibilities

Chapter 6: Alignment with other frameworks
  ISO 27001
  ISO 22301
  Combining ISO 27001 and ISO 22301

Appendix: Key changes from Version 1.0 to 1.1

Glossary

Further reading