The NIST Cybersecurity Framework is coming! Are you ready? presented at BSidesOrlando 2015

by Michael Brown,

Summary : NIST (National Institute of Science and Technology) recently rolled out the Cybersecurity Framework (CSF) for use by organizations. The Framework sets down a group of standards to assess the security posture of organizations. While use of the Framework is not mandatory, in some areas we are seeing that the use of it is being pushed. For instance, the SEC is expecting various financial institutions to be assessed against it. As security professionals, we need to understand what the Framework is all about, as we may soon (if not already) be expected to ensure our systems are in-line with it.
This presentation will give an overview of the elements of the CSF, with a comparison of other widely used Frameworks, such as ISO 27001/2. At the end, you should have a better understanding of the Framework and better able to deal with it.