Jump to content
Sign in to follow this  
Guest Alex Calis

Using Profiles to Communicate Cyber Requirements

Recommended Posts

Guest Alex Calis

The Framework Profiles, described in an earlier post, can be used to help communicate cyber requirement both internally and externally.  The profiles can be used within an organization to communicate requirements to an implementation team.  Because the Framework provides a common language for addressing cybersecurity concerns, any profile should be understood by any implementation team.  Additionally, these profiles should be able to communicate to directors how business goals are being incorporated into the cybersecurity program.

 

Outside of the organization, the Framework Profiles can be used to better understand the security of an organization’s supply chain.  An organization may request a Framework Profile from an organization providing them with IT products or services.  This allows an organization to determine if a supplier has proper security protections in place. Alternatively, the organization can create a Framework Profile with minimum security requirements that suppliers must meet in order to work with the organization. The Framework Profiles provide a number of opportunities for increased cybersecurity communication within the organization and among partner organizations.

Share this post


Link to post
Share on other sites
Sign in to follow this  

×