Jump to content

Search the Community

Showing results for tags 'CSF'.

More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Founder
  • Platinum
  • Gold
  • Silver
  • Partners


  • Framework 101
    • Webseries
    • Tiers
    • Profiles
    • Framework Core
  • General
    • Implementation Guidance
    • Solutions
    • Framework in the News
    • Supply Chain Risk Management
    • Success Stories
    • General Discussion
  • Version 2.0
    • Governance
    • Technical Qualifications
    • Updates and Improvements
  • Workshop
    • Feedback
  • Members
    • Member's Lounge
  • BSI RFI Responses


  • Team CForum
  • Mike Brown's Blog
  • Tom.Conkle's Blog
  • Tony Sager's Blog
  • RonGula's Blog
  • Whitsitt on the NIST Framework
  • Frank Downs' Blog
  • Thoughts from Greg
  • matthew.smith's Blog


  • General
  • BSI RFI Responses
  • Guides
  • Templates
  • Example Profiles
  • Other Resources

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start














Company Name




Found 4 results

  1. matthew.smith

    Threat Informed Risk Management

    Version 3


    This document shows users how to implement threat informed risk management through use of the Cybersecurity Framework and NIST SP 800-154.
  2. There is a new resource in the Downloads folder! Together, Nemertes Research and G2 Inc have published a white paper on how to integrate a business risk portfolio (BRP) approach and the cybersecurity framework (CSF) released by NIST in February 2014 - Risk Management Through the Framework. This paper defines both the steps for the CSF and how to implement those steps using the Nemertes BRP approach. By implementing this guidance, organizations can gain efficiency and effectiveness to their cybersecurity programs by translating risk into actionable remediations.
  3. matthew.smith

    Risk Management Through the Framework

    Version 1.0


    By combining a business risk portfolio (BRP) approach and the Cybersecurity Framework (CSF), organizations can effectively manage cybersecurity risk.
  4. I came across these two articles today whilst performing a little research on the Framework. It is hard to believe that it has been a year since the Framework was released to industry. Some major steps have been made but there is more to do. The first article published by The White House 02-03-2015 lists the below as commitments to the Framework. Intel is releasing a paper on its use of the Framework and requiring all of its vendors to use the Framework by contract. Apple is incorporating the Framework as part of the broader security protocols across its corporate networks. Bank of America will announce that it is using the Framework and will also require it of its vendors. U.S. Bank and Pacific Gas & Electric are announcing that they are committed to using the Framework. AIG is starting to incorporate the NIST framework into how it underwrites cyber insurance for large, medium-sized, and small businesses and will use the framework to help customers identify gaps in their approach to cybersecurity. QVC is announcing that it is using the Cybersecurity Framework in its risk management. Walgreens is announcing its support for the Cybersecurity Framework and that it uses it as one of its tools for identifying and measuring risk. Kaiser Permanente is committing to use the Framework. Source: http://www.whitehouse.gov/the-press-office/2015/02/13/fact-sheet-white-house-summit-cybersecurity-and-consumer-protection ACFEA's Signal Magazine also wrote a nice piece in support of the Framework. http://www.afcea.org/content/?q=happy-birthday-nists-cybersecurity-framework To all that have been involve since the beginning and since. This is good work and thank you!! Happy Birthday Cybersecurity Framework.