Welcome to Colorado Springs - WordPress.com · 2019. 8. 5. · Security Continuous Monitoring...
Transcript of Welcome to Colorado Springs - WordPress.com · 2019. 8. 5. · Security Continuous Monitoring...
-
Welcome to Colorado Springs
1
-
Compliance vs. Cybersecurity
2
-
3
• How many remember the massivecomputers in the huge computer rooms?– What were the advantages?– What were the disadvantages?
-
4
Chat about one solution
• National Institute of Standards andTechnology (NIST)– U.S. Department of Commerce
-
• Cybersecurity Framework– https://www.nist.gov/cyberframework
What has NIST provided?
5
-
• Identify• Protect• Detect• Respond• Recover
Framework Functions
6
-
Categories within Functions
7
-
• Isn’t that just like IT folks, wanting to useacronyms everywhere!?!?!?!
Do Not Panic!!!
8
-
Categories within Functions
9
-
• The data, personnel, devices, systems,and facilities that enable an organizationto achieve business purposes areidentified and managed consistent withtheir relative importance to businessobjectives and the organization’s riskstrategy.
ID.AM
10
-
Categories within Functions
11
-
• Analysis is conducted to ensureadequate response and support recoveryactivities.
RS.AN
12
-
Categories within Functions
13
-
• Detection processes and procedures aremaintained and tested to ensure timelyand adequate awareness of anomalousevents.
DE.DP
14
-
Categories within Functions
15
-
• Recovery planning and processes areimproved by incorporating lessonslearned into future activities.
RC.IM
16
-
Where does one go from here?
17
-
Questions
18