Thank you for the video. That would be awesome if you could insert links to the NIST framework steps that you explained so I could read up a little more
Hi Shon! NIST has some additional information in the Cybersecurity Framework itself describing "Establishing or Improving a Cybersecurity Program" in Section 3.2 (www.nist.gov/cyberframework/framework). Additionally, we have a more in depth video that walks through implementing the Cybersecurity Framework along with NIST's Privacy Framework that you might find helpful (ua-cam.com/video/8Hu_C1jA7XY/v-deo.html).
How do these 7 implementation steps relate to the Framework Core (The functions ID, PR, DE, RS and RC) that you presented in the other video? If forexample you're working on step one (Prioritize and Scope), it seems reasonable to assume that you are touching the function Identify, as this is about identifying the assets, business environmet etc. What I am missing is an arrow or explanation that clarifies what you're working at each step in the 7 implementation steps against the functions in the Framework core. Thanks in advance
The closest relationship to the Core is in steps 3 (Create a Current State Profile) & 5 (Create a Target State Profile). In these steps, we create a Profile organized by the Functions, Categories, or Subcategories to understand our current or target state relating to each. Step 1, Prioritize and Scope is more focused on evaluating what is being evaluated rather than beginning the evaluation itself. Hope this helps!
@@OpticCyber Thanks a lot, I appriciate the respons. So the 7 implementation steps are used basically independent of Core? You explained very well in the first video that the Core are outcome based, and only tells you what to do, and not how to do it. But would it be reasonable to presume that the 7 steps are used without having the Core, or would you say that you must first have/look at the Core, then use the 7 steps? I'm just trying to understand if the Core and the 7 steps were created in conjunction to each other, or if one would use the other without even having to know that the other exists (which of cours is possible, but I'm not sure if that was the intent)?
@@romiocp732 You're right, the Implementation Steps can be used independently of the Core and the Core used independently of the Implementation Steps. However, they work very well together to use the Core as the criteria for evaluating a cybersecurity program leveraging the Implementation Steps as the process to follow.
These videos are great! Thank you for sharing!
thank you this is reallly helpful for me as a beginner and studying cybersecurity.
I wish more people would put information out on how to remember this information.
Good Video Though!!!!!
A great high level overview. Thanks for the video Kelly!
Congratulations!
awesome job.
Good work
Thank you for the video. That would be awesome if you could insert links to the NIST framework steps that you explained so I could read up a little more
Hi Shon! NIST has some additional information in the Cybersecurity Framework itself describing "Establishing or Improving a Cybersecurity Program" in Section 3.2 (www.nist.gov/cyberframework/framework). Additionally, we have a more in depth video that walks through implementing the Cybersecurity Framework along with NIST's Privacy Framework that you might find helpful (ua-cam.com/video/8Hu_C1jA7XY/v-deo.html).
Super resourceful and clear! Thank you!
So helpful, thank you!
How do these 7 implementation steps relate to the Framework Core (The functions ID, PR, DE, RS and RC) that you presented in the other video? If forexample you're working on step one (Prioritize and Scope), it seems reasonable to assume that you are touching the function Identify, as this is about identifying the assets, business environmet etc.
What I am missing is an arrow or explanation that clarifies what you're working at each step in the 7 implementation steps against the functions in the Framework core.
Thanks in advance
The closest relationship to the Core is in steps 3 (Create a Current State Profile) & 5 (Create a Target State Profile). In these steps, we create a Profile organized by the Functions, Categories, or Subcategories to understand our current or target state relating to each. Step 1, Prioritize and Scope is more focused on evaluating what is being evaluated rather than beginning the evaluation itself. Hope this helps!
@@OpticCyber Thanks a lot, I appriciate the respons.
So the 7 implementation steps are used basically independent of Core? You explained very well in the first video that the Core are outcome based, and only tells you what to do, and not how to do it. But would it be reasonable to presume that the 7 steps are used without having the Core, or would you say that you must first have/look at the Core, then use the 7 steps?
I'm just trying to understand if the Core and the 7 steps were created in conjunction to each other, or if one would use the other without even having to know that the other exists (which of cours is possible, but I'm not sure if that was the intent)?
@@romiocp732 You're right, the Implementation Steps can be used independently of the Core and the Core used independently of the Implementation Steps. However, they work very well together to use the Core as the criteria for evaluating a cybersecurity program leveraging the Implementation Steps as the process to follow.
Didnt understood single word but i feel good listning u r voice
The links on your website are not working
Thanks for reaching out. Can you let me know what link you are looking for and I will send directly!
Awesome
Wow😱