Upload
others
View
0
Download
0
Embed Size (px)
Citation preview
Welcome to Colorado Springs
1
Compliance vs. Cybersecurity
2
3
• How many remember the massivecomputers in the huge computer rooms?– What were the advantages?– What were the disadvantages?
4
Chat about one solution
• National Institute of Standards andTechnology (NIST)– U.S. Department of Commerce
• Cybersecurity Framework– https://www.nist.gov/cyberframework
What has NIST provided?
5
• Identify• Protect• Detect• Respond• Recover
Framework Functions
6
Categories within Functions
7
• Isn’t that just like IT folks, wanting to useacronyms everywhere!?!?!?!
Do Not Panic!!!
8
Categories within Functions
9
• The data, personnel, devices, systems,and facilities that enable an organizationto achieve business purposes areidentified and managed consistent withtheir relative importance to businessobjectives and the organization’s riskstrategy.
ID.AM
10
Categories within Functions
11
• Analysis is conducted to ensureadequate response and support recoveryactivities.
RS.AN
12
Categories within Functions
13
• Detection processes and procedures aremaintained and tested to ensure timelyand adequate awareness of anomalousevents.
DE.DP
14
Categories within Functions
15
• Recovery planning and processes areimproved by incorporating lessonslearned into future activities.
RC.IM
16
Where does one go from here?
17
Questions
18