A NIST Cyber Framework for Everyone. Presenting CSF 2.0
.png)
The National Institute of Standards and Technology (NIST) released the final version of the Cybersecurity Framework (CSF) 2.0 on February 26, 2024. While the gold-standard in Federal Agency Cybersecurity is the onerous and complex NIST SP 800-53A Rev5 (Assessing Security and Privacy Controls in Information Systems and Organizations), the CSF is aimed at helping all organizations to manage and reduce risks.
Being designed for all audiences, industry sectors and organization types, from the smallest schools and nonprofits to the largest agencies and corporations (regardless of their degree of cybersecurity sophistication), Cybersecurity Framework (CSF) 2.0 is the tool for you. It outlines key items for organizational and management priorities as well as technical considerations for secure implementation.
CSF 2.0 boils the 733 pages of NIST 800-53 down to just 32 pages (plus some appendices), and the 287 NIST Moderate controls down to just 108 essential controls. Imagine this: you can implement just 2 controls per week and change your security posture from a slouch into a rigid attention.
Be prepared for the inevitable wave of growing risks and threats invading our businesses, governments, and personal IT infrastructures. It is cliché, but true, it’s not “If” but “When”.
Use the easy-to-navigate websites and online documents to get familiar with the scope and the quick start guides. Once you realize that it is not an unsurmountable challenge, select a preconfigured “community or small business profile”, and start the trip on your road to a secure future.
REGISTER
Speaker Bio
In 2021 Barry left the traditional workforce after 40+ years in IT and cybersecurity implementation and management.
His newly discovered energy is to encourage college and high school students to enter the Cybersecurity family. He is now an Adjunct Professor of Cybersecurity at the University of South Carolina Aiken, and independent contractor and lecturer. He believes that like cybersecurity systems, students should have “security built-in” through an early introduction in the curriculum, and participation in professional organizations like National Cybersecurity Student Association, ISC2, ISSA, and SANS. He also feels strongly that students should obtain certificates prior to entering the workforce.
His career was primarily with large contractors in the US Government sector. The last 15 years took him on an exciting bottom to top journey planning, implementing, maintaining, and managing (as ISSO/ISSM) complex cybersecurity systems for two large facilities. These efforts included creation of policy and procedures, selecting, building and configuring technology infrastructure, production operations, and compliance monitoring prior to turnover to the Government customer.
Barry Hudson barry.hudson@usca.edu
https://www.linkedin.com/in/barry-hudson-cissp-ab9b2136/
.png){kind=small}