Jump to content

Search the Community

Showing results for tags 'Framework'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Categories

  • Founder
  • Platinum
  • Gold
  • Silver
  • Partners

Forums

  • Framework 101
    • Webseries
    • Tiers
    • Profiles
    • Framework Core
  • General
    • Implementation Guidance
    • Solutions
    • Framework in the News
    • Supply Chain Risk Management
    • Success Stories
    • General Discussion
  • Version 2.0
    • Governance
    • Technical Qualifications
    • Updates and Improvements
  • Workshop
    • Feedback
  • Members
    • Member's Lounge
  • BSI RFI Responses

Blogs

  • Team CForum
  • Mike Brown's Blog
  • Tom.Conkle's Blog
  • Tony Sager's Blog
  • RonGula's Blog
  • Whitsitt on the NIST Framework
  • Frank Downs' Blog
  • Thoughts from Greg
  • matthew.smith's Blog

Categories

  • General
  • BSI RFI Responses
  • Guides
  • Templates
  • Example Profiles
  • Other Resources

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


ICQ


Yahoo


Jabber


Skype


Location


Interests


First


Last


Middle


Company Name


Sector


Affiliations


Country

Found 6 results

  1. On January 10, 2017, NIST released a draft update to the "Framework for Improving Critical Infrastructure Cybersecurity". Per NIST, the draft update was created to refine, clarify, and enhance version 1.0. The update is not intended to disrupt any organizations currently using the Framework. The updates should align with their current business process relating to the Framework and help add clarity for those implementing the Framework for the first time. NIST created the update based on comments received from the community through the December 2015 RFI and April 2016 workshop. Additionally, the update addresses several of the items listed for further analysis in the Framework companion document ("NIST Roadmap for Improving Critical Infrastructure Cybersecurity"). The refinements, clarification, and enhancements include a new section on cybersecurity measurements, a strong emphasis on supply chain risk management, refinements in the access control category, and to provide a better explanation of the relationship between the Implementation Tiers and Profiles. NIST is seeking public comment on the draft to improve the update before it goes final and to determine if the updates could impact an organization currently implementing the Framework. NIST intents to convene a workshop after reviewing public comments to further refine the update before the final update is published - currently planned for fall of 2017. Cybersecurity Framework version 1.1 is located on the NIST website at https://www.nist.gov/cyberframework/draft-version-11. What are you thoughts on the updates?
  2. Tom.Conkle

    Cybersecurity Framework Workshop 2016

    NIST is hosting the next Cybersecurity Framework at their main campus in Gaithersburg, MD. The conference is scheduled for April 6 - 7, 2016. The registration page is open. The workshop draft agenda includes a readout on the responses to the December 2015 RFI and working sessions on Roadmap items, Governance of the Framework, Framework Update, and several special topics. Topics are expected to include: ways in which the Framework is being used to improve cybersecurity risk management, how best practices for using the Framework are being shared, the relative value of different parts of the Framework, the possible need for an update of the Framework, and options for long-term governance of the Framework. There is an optional seminar on April 5 that will provide an overview of the Framework's development, basic components, uses cases, and resources. The optional seminar will provide a 101 type session to help attendees understand how the Framework was developed and is being used today. I hope to see you there.
  3. matthew.smith

    Threat Informed Risk Management

    Version 3

    208 downloads

    This document shows users how to implement threat informed risk management through use of the Cybersecurity Framework and NIST SP 800-154.
  4. Tom.Conkle

    UoC Framework Use Case

    Version

    42 downloads

    This paper describes how the University of Chicago implemented the Cybersecurity Framework. This use case also describes how the University leveraged the Framework Profiles to measure and track improvements within their cybersecurity program.
  5. Tom.Conkle

    Cybersecurity Framework Workshop 2016

    NIST is hosting the next Cybersecurity Framework at their main campus in Gaithersburg, MD. The conference is scheduled for April 6 - 7, 2016. The registration page is open. The workshop draft agenda includes a readout on the responses to the December 2015 RFI and working sessions on Roadmap items, Governance of the Framework, Framework Update, and several special topics. Topics are expected to include: ways in which the Framework is being used to improve cybersecurity risk management, how best practices for using the Framework are being shared, the relative value of different parts of the Framework, the possible need for an update of the Framework, and options for long-term governance of the Framework. There is an optional seminar on April 5 that will provide an overview of the Framework's development, basic components, uses cases, and resources. The optional seminar will provide a 101 type session to help attendees understand how the Framework was developed and is being used today. I hope to see you there.
  6. Which of the many information security frameworks is in most demand from companies and other organizations in the US? Which of the information security frameworks is the shortage of implementation planners greatest? Dave
×