Want a Career in GRC? Learn the NIST CSF 2.0.
The NIST CSF 2.0 (Cyber Security Framework) Just Dropped Recently. Whether you are Looking for a Career in GRC or you just want to Keep your Business Secure, this Security Framework is easy to Understand. Below is a Overview:
There are now 6 categories for the NIST CSF 2.0. If you take the time to review this framework, you will have a better understanding of how to help an organization stay secure.
Remember to Save 💾 this post for future reference.
🟡 GOVERN (GV) - Making sure the organization's cybersecurity risk management strategy, expectations, and policy are established, communicated, and monitored.
1. Organizational Context
2. Risk Management Strategy
3. Roles, Responsibilities, and Authorities
4. Policy
5. Oversight
6. Cybersecurity Supply Chain Risk Management
🔵 IDENTIFY (ID) - Ensuring the organization's current cybersecurity risks are understood.
1. Asset Management
2. Risk Assessment
3. Improvement
🟣 PROTECT (PR) - Putting in safeguards to manage the organization's cybersecurity risks are used.
1. Identity Management, Authentication, and Access Control
2. Awareness and Training
3. Data Security
4. Platform Security
5. Technology Infrastructure Resilience
🟠 DETECT (DE) - Making sure possible cybersecurity attacks and compromises are found and analyzed.
1. Continuous Monitoring
2. Adverse Event Analysis
🔴 RESPOND (RS) - These are actions regarding a detected cybersecurity incident are taken.
1. Incident Management
2. Incident Analysis
3. Incident Response Reporting and Communication
4. Incident Mitigation
🟢 RECOVER (RC) - Ensuring assets and operations affected by a cybersecurity incident are restored.
1. Incident Recovery Plan Execution
2. Incident Recovery Communication
There is no need to reinvent the wheel. This Cyber Security Framework lays out a complete security posture that you can align with. Learning this framework inside out will help you:
✅ Enjoy a great Cyber Security Career in GRC
✅ Help Protect your Own Organization
This is the first major update since it's creation over a decade ago. Remember, knowledge is power. The more you learn, the more valuable you are as a Cyber Security Professional.
There are 2 Ways I can Help you Get a Job in Cyber Security:
1. My Break in Cyber Playbook - This playbook that I wrote will give you solid direction on the right path to take to get into Cyber Security. Better yet, it's also a complete guide on how to stand out to recruiters and make them find you. Get it here.
2. Book a 1-on-1 Call with Me - Let me get to know you and steer you in the right direction so you can work toward land that next job in Cyber Security. I can help you get discovered by recruiters because I know what they are looking for.
My calls are informal, fun, and extremely productive. I guarantee you will have some great take-aways and feel more confident by the end of the call or I'll refund you completely.
If you book a call within the next 12 hours, I will also give you a free copy (PDF) of my Break in Cyber Playbook that will help guide you to landing a job.
~ Mike Miller
Comments