Jump to content
Sign in to follow this  
Guest Alex Calis

RSA Announces Cybersecurity Framework Webcast

Recommended Posts

Guest Alex Calis
RSA is conducting a live webcast addressing the Cybersecurity Framework on Thursday, August 21st.  It will cover topics such as the Framework history, components, benefits, and how to get started.  It will also provide the opportunity to ask questions about the Framework and what this means for your organization.  Here is a link for more information and how to register for the webcast.

 


 

In this forum, we encourage you to ask questions, share your concerns, and highlight interesting or surprising information regarding the webcast. 

 

We look forward to continuing the discussion, 

 

CForum Team

Share this post


Link to post
Share on other sites

Thank you to everyone that was able to attend the session.  A recording of the webinar is located at https://www.emc.com/events/rsa/08-21-14-CyberSec_Framework.htm.

 

ADM Brown and I were able to address a lot of questions submitted by attendees; however, we couldn't get to all of them.  I will post some of the question we weren't able to address during the webinar on this thread as well as some of the questions that were addressed.  Feel free to provide additional comments and your thoughts on the questions and their responses.  The true value of this forum is through this open dialogue.

  • When creating a current Profile, do you assess at the subcategory level, by aligning to each informative resource?
  • What type of organizations will be required to adopt the framework?
  • What hope is there for small and mid-size businesses that may work in critical areas but lack the resources for a full-time IT staff?
  • What value proposition can I make to my board, investors or employees to free up resources and change processes/culture?

Share this post


Link to post
Share on other sites

 

  • When creating a current Profile, do you assess at the subcategory level, by aligning to each informative resource?

 

 

The Frameworkdefines Profiles as the representation of the outcomes based on business needs that an organization has selected from the Framework Categories and Subcategories.  The informative references were provided in the Framework Core as a means for assisting organizations implementing the Framework in understanding 'how' the outcomes within the Core could be achieved.  Organizations are not required, by the Framework, to implement the five informative reference sources to demonstrate alignment to the Core.  However, organizations that have implemented one or more of the five proven practices listed (e.g. COBIT, ISO, etc) in the Core can demonstrate alignment to the Core simply by mapping their policies/practices currently in place as a result of implementing the proven practice back to the Core.

 

 

1The National Institute of Technology and Standards (NIST) “Framework for Improving Critical Infrastructure Cybersecurity version 1.0”, February 12, 2014, available at http://www.nist.gov/cyberframework/upload/cybersecurity-framework-021214.pdf.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×