SlideShare una empresa de Scribd logo
1 de 22
CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
Improving Critical Infrastructure Cybersecurity
Why Cybersecurity Framework?
Types of Cybersecurity Framework
Cybersecurity Framework Components
Agenda
Steps to Implement Framework
Coordination of Framework Implementation
CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
Improving Critical Infrastructure Cybersecurity
Executive Order 13636
12 February 2013
“It is the policy of the United States to enhance the security and
resilience of the Nation’s critical infrastructure and to maintain a
cyber environment that encourages efficiency, innovation, and
economic prosperity while promoting safety, security, business
confidentiality, privacy, and civil liberties”
CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
According to the Executive Order…
Align policy, business and
technological approaches to
address cyber risks
Prioritized, flexible, repeatable,
performance-based, and cost-
effective approach
Identify areas for improvement
to be addressed through future
collaboration
Be consistent with voluntary
international standards
CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
Why Cybersecurity Framework?
It Results in a shift from compliance to action and
specific outcomes
It has built-in maturity model and gap analysis so you
don't need additional maturity model on top of CSF
It gives you a measure of where you are and where you
need to go
It can be implemented in stages or degrees which makes
it more appealing to business
CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
What Is Cybersecurity Framework?
The Framework is voluntary guidance,
based on existing guidelines, and
practices for organizations to better
manage and reduce cybersecurity risk.
CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
Types of Frameworks
PCI-DSS
It is designed to
protect credit card,
debit card, and cash
card transactions
ISO 27001/27002
Best practice
recommendations for
information security
management and
information security
program elements.
CIS-Critical Security
Controls
cyber protection that
give noteworthy
approaches to stop the
present most
inescapable attacks
NIST Framework
Improving critical
infrastructure
Cybersecurity to improve
organization’s risks by
leveraging standard
methodologies and
processes
CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
NIST: Most Popular among Frameworks
NIST framework was developed in Feb 2013 after US Presidential Executive order
To address national and
economic security challenges
Reduce cyber risks to critical
Infrastructure
To be voluntary
(for private sector)
Collaboratively developed with
stakeholders
CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
Objectives of the Framework
Adaptable,
flexible, and
scalable
Improve
Organization’s
readiness for
managing
cybersecurity risk
Flexible,
repeatable, and
performance
based
Cost-effective Leverage
standards,
methodologies
and processes
Promote
technology
innovation
Actionable across
the enterprise-
focus on outcomes
01 02 03 04 05 06 07
CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
Cybersecurity Framework Components
Framework
Profile
Framework
Implementation
Tiers
Framework
Core
Are an association’s novel
arrangement of their organizational
prerequisites and goals, and assets
against the coveted results of the
Framework Core.
Guides associations in overseeing and
decreasing their Cybersecurity
chances in a way that supplements an
association’s current Cybersecurity
and risk management processes.
Describes how cybersecurity
risk is managed by an organization
and degree the risk management
practices exhibit key characteristics
CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
Framework Implementation Tiers
Tier 1
Partial
Tier 2
Risk Informed
Tier 3
Repeatable
Tier 4
Adaptive
The extent to which cybersecurity is considered in broader risk
management decisions
The degree to which the organization benefits my sharing or receiving
information from outside parties
The functionality and repeatability of cybersecurity risk managementRisk Management Process
Risk Management Program
External Participation
CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
Framework Core
Respond
What processes and
assets need
protection?
What techniques
can restore
capabilities
What safeguards are
available?
What techniques
can identify
incidents?
What techniques
can contain impacts
on incidents?
CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
Framework Core: Identify
Function Category ID
Identify
Asset Management ID.AM
Business Environment ID.BE
Governance ID.GV
Risk Assessment ID.RA
Risk Management Strategy ID.RM
Protect
Access Control PR.AC
Awareness and Training PR.AT
Data Security PR.DS
Information Protection Processes & Procedures PR.IP
Maintenance PR.MA
Protective Technology PR.PT
Detect
Anomalies and Events DE.AE
Security Continuous Monitoring DE.CM
Detection Processes DE.DP
Respond
Response Planning RS.RP
Communications RS.CO
Analysis RS.AN
Mitigation RS.MI
Improvements RS.IM
Recover
Recovery Planning RC.RP
Improvements RC.IM
Communications RC.CO
This function helps with building up a
hierarchical comprehension in overseeing
cybersecurity to frameworks, individuals,
resources, information, and capacities
CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
Framework Profiles: Protect
Function Category ID
Identify
Asset Management ID.AM
Business Environment ID.BE
Governance ID.GV
Risk Assessment ID.RA
Risk Management Strategy ID.RM
Protect
Access Control PR.AC
Awareness and Training PR.AT
Data Security PR.DS
Information Protection Processes & Procedures PR.IP
Maintenance PR.MA
Protective Technology PR.PT
Detect
Anomalies and Events DE.AE
Security Continuous Monitoring DE.CM
Detection Processes DE.DP
Respond
Response Planning RS.RP
Communications RS.CO
Analysis RS.AN
Mitigation RS.MI
Improvements RS.IM
Recover
Recovery Planning RC.RP
Improvements RC.IM
Communications RC.CO
This function develop and implement the
appropriate safeguards and controls to
ensure delivery of critical infrastructure
services
CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
Framework Profiles: Detect
Function Category ID
Identify
Asset Management ID.AM
Business Environment ID.BE
Governance ID.GV
Risk Assessment ID.RA
Risk Management Strategy ID.RM
Protect
Access Control PR.AC
Awareness and Training PR.AT
Data Security PR.DS
Information Protection Processes & Procedures PR.IP
Maintenance PR.MA
Protective Technology PR.PT
Detect
Anomalies and Events DE.AE
Security Continuous Monitoring DE.CM
Detection Processes DE.DP
Respond
Response Planning RS.RP
Communications RS.CO
Analysis RS.AN
Mitigation RS.MI
Improvements RS.IM
Recover
Recovery Planning RC.RP
Improvements RC.IM
Communications RC.CO
This Function characterizes the fitting
exercises to recognize the event of a
Cybersecurity occasion. The Detect Function
empowers opportune revelation of
Cybersecurity occasions.
CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
Framework Profiles: Respond
Function Category ID
Identify
Asset Management ID.AM
Business Environment ID.BE
Governance ID.GV
Risk Assessment ID.RA
Risk Management Strategy ID.RM
Protect
Access Control PR.AC
Awareness and Training PR.AT
Data Security PR.DS
Information Protection Processes & Procedures PR.IP
Maintenance PR.MA
Protective Technology PR.PT
Detect
Anomalies and Events DE.AE
Security Continuous Monitoring DE.CM
Detection Processes DE.DP
Respond
Response Planning RS.RP
Communications RS.CO
Analysis RS.AN
Mitigation RS.MI
Improvements RS.IM
Recover
Recovery Planning RC.RP
Improvements RC.IM
Communications RC.CO
This Function develop and implement the
appropriate activities and controls to identify
occurrence of a cybersecurity event. It
bolsters the capacity to contain the effect of a
potential Cybersecurity occurrence.
CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
Framework Profiles: Recover
Function Category ID
Identify
Asset Management ID.AM
Business Environment ID.BE
Governance ID.GV
Risk Assessment ID.RA
Risk Management Strategy ID.RM
Protect
Access Control PR.AC
Awareness and Training PR.AT
Data Security PR.DS
Information Protection Processes & Procedures PR.IP
Maintenance PR.MA
Protective Technology PR.PT
Detect
Anomalies and Events DE.AE
Security Continuous Monitoring DE.CM
Detection Processes DE.DP
Respond
Response Planning RS.RP
Communications RS.CO
Analysis RS.AN
Mitigation RS.MI
Improvements RS.IM
Recover
Recovery Planning RC.RP
Improvements RC.IM
Communications RC.CO
The Recover Function distinguishes proper
exercises to keep up plans for versatility and
to re-establish any abilities or administrations
that were impeded because of a
Cybersecurity event.
CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
Framework Profile
Profiles can be used to identify opportunities for improving
Cybersecurity posture by comparing the current profile (“as is”
state with the target profile (“to be” state)
CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
Steps to Implement Framework
Step 1
Step 2
Step 3
Step 4
Step 5
Step 6
Prioritize & scope
Create a Current Profile Create a Target Profile
Orient Conduct a Risk Assessment Determine, analyze &
prioritize gaps
Step 7
Implement Action Plan
CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
Coordination of Framework Implementation
Risk Management
Implementation
Copyright © 2018, edureka and/or its affiliates. All rights reserved.
Don’t just learn it, MASTER it with
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certification | Edureka

Más contenido relacionado

La actualidad más candente

Cybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationCybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationMcKonly & Asbury, LLP
 
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...Edureka!
 
NIST Cybersecurity Framework Intro for ISACA Richmond Chapter
NIST Cybersecurity Framework Intro for ISACA Richmond ChapterNIST Cybersecurity Framework Intro for ISACA Richmond Chapter
NIST Cybersecurity Framework Intro for ISACA Richmond ChapterTuan Phan
 
Cybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architectureCybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architecturePriyanka Aash
 
INCIDENT RESPONSE NIST IMPLEMENTATION
INCIDENT RESPONSE NIST IMPLEMENTATIONINCIDENT RESPONSE NIST IMPLEMENTATION
INCIDENT RESPONSE NIST IMPLEMENTATIONSylvain Martinez
 
Security Training: #3 Threat Modelling - Practices and Tools
Security Training: #3 Threat Modelling - Practices and ToolsSecurity Training: #3 Threat Modelling - Practices and Tools
Security Training: #3 Threat Modelling - Practices and ToolsYulian Slobodyan
 
Introduction to Risk Management via the NIST Cyber Security Framework
Introduction to Risk Management via the NIST Cyber Security FrameworkIntroduction to Risk Management via the NIST Cyber Security Framework
Introduction to Risk Management via the NIST Cyber Security FrameworkPECB
 
CyberSecurity Certifications | CyberSecurity Career | CyberSecurity Certifica...
CyberSecurity Certifications | CyberSecurity Career | CyberSecurity Certifica...CyberSecurity Certifications | CyberSecurity Career | CyberSecurity Certifica...
CyberSecurity Certifications | CyberSecurity Career | CyberSecurity Certifica...Edureka!
 
Threat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formalThreat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formalPriyanka Aash
 
SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1Priyanka Aash
 
Rothke rsa 2012 building a security operations center (soc)
Rothke rsa 2012  building a security operations center (soc)Rothke rsa 2012  building a security operations center (soc)
Rothke rsa 2012 building a security operations center (soc)Ben Rothke
 
IBM Security Strategy Overview
IBM Security Strategy OverviewIBM Security Strategy Overview
IBM Security Strategy Overviewxband
 
Cyber Security Awareness
Cyber Security AwarenessCyber Security Awareness
Cyber Security AwarenessRamiro Cid
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligencemohamed nasri
 
An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)Ahmad Haghighi
 

La actualidad más candente (20)

Cybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationCybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your Organization
 
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
 
NIST Cybersecurity Framework Intro for ISACA Richmond Chapter
NIST Cybersecurity Framework Intro for ISACA Richmond ChapterNIST Cybersecurity Framework Intro for ISACA Richmond Chapter
NIST Cybersecurity Framework Intro for ISACA Richmond Chapter
 
Cybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architectureCybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architecture
 
INCIDENT RESPONSE NIST IMPLEMENTATION
INCIDENT RESPONSE NIST IMPLEMENTATIONINCIDENT RESPONSE NIST IMPLEMENTATION
INCIDENT RESPONSE NIST IMPLEMENTATION
 
Security Training: #3 Threat Modelling - Practices and Tools
Security Training: #3 Threat Modelling - Practices and ToolsSecurity Training: #3 Threat Modelling - Practices and Tools
Security Training: #3 Threat Modelling - Practices and Tools
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
 
Cyber Security PPT - 2023.pptx
Cyber Security PPT - 2023.pptxCyber Security PPT - 2023.pptx
Cyber Security PPT - 2023.pptx
 
Introduction to Risk Management via the NIST Cyber Security Framework
Introduction to Risk Management via the NIST Cyber Security FrameworkIntroduction to Risk Management via the NIST Cyber Security Framework
Introduction to Risk Management via the NIST Cyber Security Framework
 
CyberSecurity Certifications | CyberSecurity Career | CyberSecurity Certifica...
CyberSecurity Certifications | CyberSecurity Career | CyberSecurity Certifica...CyberSecurity Certifications | CyberSecurity Career | CyberSecurity Certifica...
CyberSecurity Certifications | CyberSecurity Career | CyberSecurity Certifica...
 
Threat Intelligence
Threat IntelligenceThreat Intelligence
Threat Intelligence
 
Threat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formalThreat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formal
 
SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1
 
Security Awareness Training by Fortinet
Security Awareness Training by FortinetSecurity Awareness Training by Fortinet
Security Awareness Training by Fortinet
 
Rothke rsa 2012 building a security operations center (soc)
Rothke rsa 2012  building a security operations center (soc)Rothke rsa 2012  building a security operations center (soc)
Rothke rsa 2012 building a security operations center (soc)
 
IBM Security Strategy Overview
IBM Security Strategy OverviewIBM Security Strategy Overview
IBM Security Strategy Overview
 
Cyber Security Awareness
Cyber Security AwarenessCyber Security Awareness
Cyber Security Awareness
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
 
SOC Cyber Security
SOC Cyber SecuritySOC Cyber Security
SOC Cyber Security
 
An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)
 

Similar a Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certification | Edureka

Isa Prog Need L
Isa Prog Need LIsa Prog Need L
Isa Prog Need LR_Yanus
 
Does Anyone Remember Enterprise Security Architecture?
Does Anyone Remember Enterprise Security Architecture?Does Anyone Remember Enterprise Security Architecture?
Does Anyone Remember Enterprise Security Architecture?rbrockway
 
From Cave Man to Business Man, the Evolution of the CISO to CIRO
From Cave Man to Business Man, the Evolution of the CISO to CIROFrom Cave Man to Business Man, the Evolution of the CISO to CIRO
From Cave Man to Business Man, the Evolution of the CISO to CIROPriyanka Aash
 
Cloud Clinique Enterprise IT Certification Program - Module Matrix
Cloud Clinique   Enterprise IT Certification Program - Module MatrixCloud Clinique   Enterprise IT Certification Program - Module Matrix
Cloud Clinique Enterprise IT Certification Program - Module MatrixAdrian Hall
 
Smart security solutions for SMBs
Smart security solutions for SMBsSmart security solutions for SMBs
Smart security solutions for SMBsJyothi Satyanathan
 
Enhance Your Skills With Cybersecurity certification
Enhance Your Skills With Cybersecurity certificationEnhance Your Skills With Cybersecurity certification
Enhance Your Skills With Cybersecurity certificationgsdcouncil1
 
Information Security Framework
Information Security FrameworkInformation Security Framework
Information Security Frameworkssuser65fa31
 
Why ISO 27001 for an Organisation
Why ISO 27001 for an OrganisationWhy ISO 27001 for an Organisation
Why ISO 27001 for an OrganisationSyed Azher
 
Cyber crime with privention
Cyber crime with privention Cyber crime with privention
Cyber crime with privention Manish Dixit Ceh
 
G3 04 bawi 2020 the iiba cybersecurity perspective maurizio garofalo
G3 04 bawi 2020 the iiba cybersecurity perspective maurizio garofaloG3 04 bawi 2020 the iiba cybersecurity perspective maurizio garofalo
G3 04 bawi 2020 the iiba cybersecurity perspective maurizio garofaloIIBA-IT
 
Enterprise%20 security%20architecture%20 %20business%20driven%20security
Enterprise%20 security%20architecture%20 %20business%20driven%20securityEnterprise%20 security%20architecture%20 %20business%20driven%20security
Enterprise%20 security%20architecture%20 %20business%20driven%20securitywardell henley
 
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdfFor Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdfJustinBrown267905
 
II Security At Microsoft
II Security At MicrosoftII Security At Microsoft
II Security At MicrosoftMark J. Feldman
 
Saikiran_CV_Operational Risk_updated
Saikiran_CV_Operational Risk_updatedSaikiran_CV_Operational Risk_updated
Saikiran_CV_Operational Risk_updatedkonchada
 
Saikiran_CV_Operational Risk_updated
Saikiran_CV_Operational Risk_updatedSaikiran_CV_Operational Risk_updated
Saikiran_CV_Operational Risk_updatedkonchada
 
Implementing a Security Management Framework
Implementing a Security Management FrameworkImplementing a Security Management Framework
Implementing a Security Management FrameworkJoseph Wynn
 
Key metrics and process in cyber security case scenario
Key metrics and process in cyber security case scenarioKey metrics and process in cyber security case scenario
Key metrics and process in cyber security case scenarioAkingbade Akinfenwa
 

Similar a Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certification | Edureka (20)

Isa Prog Need L
Isa Prog Need LIsa Prog Need L
Isa Prog Need L
 
Does Anyone Remember Enterprise Security Architecture?
Does Anyone Remember Enterprise Security Architecture?Does Anyone Remember Enterprise Security Architecture?
Does Anyone Remember Enterprise Security Architecture?
 
From Cave Man to Business Man, the Evolution of the CISO to CIRO
From Cave Man to Business Man, the Evolution of the CISO to CIROFrom Cave Man to Business Man, the Evolution of the CISO to CIRO
From Cave Man to Business Man, the Evolution of the CISO to CIRO
 
Cloud Clinique Enterprise IT Certification Program - Module Matrix
Cloud Clinique   Enterprise IT Certification Program - Module MatrixCloud Clinique   Enterprise IT Certification Program - Module Matrix
Cloud Clinique Enterprise IT Certification Program - Module Matrix
 
Smart security solutions for SMBs
Smart security solutions for SMBsSmart security solutions for SMBs
Smart security solutions for SMBs
 
Enhance Your Skills With Cybersecurity certification
Enhance Your Skills With Cybersecurity certificationEnhance Your Skills With Cybersecurity certification
Enhance Your Skills With Cybersecurity certification
 
Cybersecurity Careers - Step Up Skill Feb2023 (1).pdf
Cybersecurity Careers - Step Up Skill Feb2023 (1).pdfCybersecurity Careers - Step Up Skill Feb2023 (1).pdf
Cybersecurity Careers - Step Up Skill Feb2023 (1).pdf
 
Information Security Framework
Information Security FrameworkInformation Security Framework
Information Security Framework
 
Why ISO 27001 for an Organisation
Why ISO 27001 for an OrganisationWhy ISO 27001 for an Organisation
Why ISO 27001 for an Organisation
 
RISE's Training Catalog
RISE's Training CatalogRISE's Training Catalog
RISE's Training Catalog
 
CCA study group
CCA study groupCCA study group
CCA study group
 
Cyber crime with privention
Cyber crime with privention Cyber crime with privention
Cyber crime with privention
 
G3 04 bawi 2020 the iiba cybersecurity perspective maurizio garofalo
G3 04 bawi 2020 the iiba cybersecurity perspective maurizio garofaloG3 04 bawi 2020 the iiba cybersecurity perspective maurizio garofalo
G3 04 bawi 2020 the iiba cybersecurity perspective maurizio garofalo
 
Enterprise%20 security%20architecture%20 %20business%20driven%20security
Enterprise%20 security%20architecture%20 %20business%20driven%20securityEnterprise%20 security%20architecture%20 %20business%20driven%20security
Enterprise%20 security%20architecture%20 %20business%20driven%20security
 
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdfFor Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
 
II Security At Microsoft
II Security At MicrosoftII Security At Microsoft
II Security At Microsoft
 
Saikiran_CV_Operational Risk_updated
Saikiran_CV_Operational Risk_updatedSaikiran_CV_Operational Risk_updated
Saikiran_CV_Operational Risk_updated
 
Saikiran_CV_Operational Risk_updated
Saikiran_CV_Operational Risk_updatedSaikiran_CV_Operational Risk_updated
Saikiran_CV_Operational Risk_updated
 
Implementing a Security Management Framework
Implementing a Security Management FrameworkImplementing a Security Management Framework
Implementing a Security Management Framework
 
Key metrics and process in cyber security case scenario
Key metrics and process in cyber security case scenarioKey metrics and process in cyber security case scenario
Key metrics and process in cyber security case scenario
 

Más de Edureka!

What to learn during the 21 days Lockdown | Edureka
What to learn during the 21 days Lockdown | EdurekaWhat to learn during the 21 days Lockdown | Edureka
What to learn during the 21 days Lockdown | EdurekaEdureka!
 
Top 10 Dying Programming Languages in 2020 | Edureka
Top 10 Dying Programming Languages in 2020 | EdurekaTop 10 Dying Programming Languages in 2020 | Edureka
Top 10 Dying Programming Languages in 2020 | EdurekaEdureka!
 
Top 5 Trending Business Intelligence Tools | Edureka
Top 5 Trending Business Intelligence Tools | EdurekaTop 5 Trending Business Intelligence Tools | Edureka
Top 5 Trending Business Intelligence Tools | EdurekaEdureka!
 
Tableau Tutorial for Data Science | Edureka
Tableau Tutorial for Data Science | EdurekaTableau Tutorial for Data Science | Edureka
Tableau Tutorial for Data Science | EdurekaEdureka!
 
Python Programming Tutorial | Edureka
Python Programming Tutorial | EdurekaPython Programming Tutorial | Edureka
Python Programming Tutorial | EdurekaEdureka!
 
Top 5 PMP Certifications | Edureka
Top 5 PMP Certifications | EdurekaTop 5 PMP Certifications | Edureka
Top 5 PMP Certifications | EdurekaEdureka!
 
Top Maven Interview Questions in 2020 | Edureka
Top Maven Interview Questions in 2020 | EdurekaTop Maven Interview Questions in 2020 | Edureka
Top Maven Interview Questions in 2020 | EdurekaEdureka!
 
Linux Mint Tutorial | Edureka
Linux Mint Tutorial | EdurekaLinux Mint Tutorial | Edureka
Linux Mint Tutorial | EdurekaEdureka!
 
How to Deploy Java Web App in AWS| Edureka
How to Deploy Java Web App in AWS| EdurekaHow to Deploy Java Web App in AWS| Edureka
How to Deploy Java Web App in AWS| EdurekaEdureka!
 
Importance of Digital Marketing | Edureka
Importance of Digital Marketing | EdurekaImportance of Digital Marketing | Edureka
Importance of Digital Marketing | EdurekaEdureka!
 
RPA in 2020 | Edureka
RPA in 2020 | EdurekaRPA in 2020 | Edureka
RPA in 2020 | EdurekaEdureka!
 
Email Notifications in Jenkins | Edureka
Email Notifications in Jenkins | EdurekaEmail Notifications in Jenkins | Edureka
Email Notifications in Jenkins | EdurekaEdureka!
 
EA Algorithm in Machine Learning | Edureka
EA Algorithm in Machine Learning | EdurekaEA Algorithm in Machine Learning | Edureka
EA Algorithm in Machine Learning | EdurekaEdureka!
 
Cognitive AI Tutorial | Edureka
Cognitive AI Tutorial | EdurekaCognitive AI Tutorial | Edureka
Cognitive AI Tutorial | EdurekaEdureka!
 
AWS Cloud Practitioner Tutorial | Edureka
AWS Cloud Practitioner Tutorial | EdurekaAWS Cloud Practitioner Tutorial | Edureka
AWS Cloud Practitioner Tutorial | EdurekaEdureka!
 
Blue Prism Top Interview Questions | Edureka
Blue Prism Top Interview Questions | EdurekaBlue Prism Top Interview Questions | Edureka
Blue Prism Top Interview Questions | EdurekaEdureka!
 
Big Data on AWS Tutorial | Edureka
Big Data on AWS Tutorial | Edureka Big Data on AWS Tutorial | Edureka
Big Data on AWS Tutorial | Edureka Edureka!
 
A star algorithm | A* Algorithm in Artificial Intelligence | Edureka
A star algorithm | A* Algorithm in Artificial Intelligence | EdurekaA star algorithm | A* Algorithm in Artificial Intelligence | Edureka
A star algorithm | A* Algorithm in Artificial Intelligence | EdurekaEdureka!
 
Kubernetes Installation on Ubuntu | Edureka
Kubernetes Installation on Ubuntu | EdurekaKubernetes Installation on Ubuntu | Edureka
Kubernetes Installation on Ubuntu | EdurekaEdureka!
 
Introduction to DevOps | Edureka
Introduction to DevOps | EdurekaIntroduction to DevOps | Edureka
Introduction to DevOps | EdurekaEdureka!
 

Más de Edureka! (20)

What to learn during the 21 days Lockdown | Edureka
What to learn during the 21 days Lockdown | EdurekaWhat to learn during the 21 days Lockdown | Edureka
What to learn during the 21 days Lockdown | Edureka
 
Top 10 Dying Programming Languages in 2020 | Edureka
Top 10 Dying Programming Languages in 2020 | EdurekaTop 10 Dying Programming Languages in 2020 | Edureka
Top 10 Dying Programming Languages in 2020 | Edureka
 
Top 5 Trending Business Intelligence Tools | Edureka
Top 5 Trending Business Intelligence Tools | EdurekaTop 5 Trending Business Intelligence Tools | Edureka
Top 5 Trending Business Intelligence Tools | Edureka
 
Tableau Tutorial for Data Science | Edureka
Tableau Tutorial for Data Science | EdurekaTableau Tutorial for Data Science | Edureka
Tableau Tutorial for Data Science | Edureka
 
Python Programming Tutorial | Edureka
Python Programming Tutorial | EdurekaPython Programming Tutorial | Edureka
Python Programming Tutorial | Edureka
 
Top 5 PMP Certifications | Edureka
Top 5 PMP Certifications | EdurekaTop 5 PMP Certifications | Edureka
Top 5 PMP Certifications | Edureka
 
Top Maven Interview Questions in 2020 | Edureka
Top Maven Interview Questions in 2020 | EdurekaTop Maven Interview Questions in 2020 | Edureka
Top Maven Interview Questions in 2020 | Edureka
 
Linux Mint Tutorial | Edureka
Linux Mint Tutorial | EdurekaLinux Mint Tutorial | Edureka
Linux Mint Tutorial | Edureka
 
How to Deploy Java Web App in AWS| Edureka
How to Deploy Java Web App in AWS| EdurekaHow to Deploy Java Web App in AWS| Edureka
How to Deploy Java Web App in AWS| Edureka
 
Importance of Digital Marketing | Edureka
Importance of Digital Marketing | EdurekaImportance of Digital Marketing | Edureka
Importance of Digital Marketing | Edureka
 
RPA in 2020 | Edureka
RPA in 2020 | EdurekaRPA in 2020 | Edureka
RPA in 2020 | Edureka
 
Email Notifications in Jenkins | Edureka
Email Notifications in Jenkins | EdurekaEmail Notifications in Jenkins | Edureka
Email Notifications in Jenkins | Edureka
 
EA Algorithm in Machine Learning | Edureka
EA Algorithm in Machine Learning | EdurekaEA Algorithm in Machine Learning | Edureka
EA Algorithm in Machine Learning | Edureka
 
Cognitive AI Tutorial | Edureka
Cognitive AI Tutorial | EdurekaCognitive AI Tutorial | Edureka
Cognitive AI Tutorial | Edureka
 
AWS Cloud Practitioner Tutorial | Edureka
AWS Cloud Practitioner Tutorial | EdurekaAWS Cloud Practitioner Tutorial | Edureka
AWS Cloud Practitioner Tutorial | Edureka
 
Blue Prism Top Interview Questions | Edureka
Blue Prism Top Interview Questions | EdurekaBlue Prism Top Interview Questions | Edureka
Blue Prism Top Interview Questions | Edureka
 
Big Data on AWS Tutorial | Edureka
Big Data on AWS Tutorial | Edureka Big Data on AWS Tutorial | Edureka
Big Data on AWS Tutorial | Edureka
 
A star algorithm | A* Algorithm in Artificial Intelligence | Edureka
A star algorithm | A* Algorithm in Artificial Intelligence | EdurekaA star algorithm | A* Algorithm in Artificial Intelligence | Edureka
A star algorithm | A* Algorithm in Artificial Intelligence | Edureka
 
Kubernetes Installation on Ubuntu | Edureka
Kubernetes Installation on Ubuntu | EdurekaKubernetes Installation on Ubuntu | Edureka
Kubernetes Installation on Ubuntu | Edureka
 
Introduction to DevOps | Edureka
Introduction to DevOps | EdurekaIntroduction to DevOps | Edureka
Introduction to DevOps | Edureka
 

Último

The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...Aggregage
 
Spring24-Release Overview - Wellingtion User Group-1.pdf
Spring24-Release Overview - Wellingtion User Group-1.pdfSpring24-Release Overview - Wellingtion User Group-1.pdf
Spring24-Release Overview - Wellingtion User Group-1.pdfAnna Loughnan Colquhoun
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintMahmoud Rabie
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Adtran
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6DianaGray10
 
Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?SANGHEE SHIN
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdfPedro Manuel
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfDaniel Santiago Silva Capera
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioChristian Posta
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfDianaGray10
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopBachir Benyammi
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesDavid Newbury
 
Cloud Revolution: Exploring the New Wave of Serverless Spatial Data
Cloud Revolution: Exploring the New Wave of Serverless Spatial DataCloud Revolution: Exploring the New Wave of Serverless Spatial Data
Cloud Revolution: Exploring the New Wave of Serverless Spatial DataSafe Software
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfinfogdgmi
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8DianaGray10
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7DianaGray10
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UbiTrack UK
 
RAG Patterns and Vector Search in Generative AI
RAG Patterns and Vector Search in Generative AIRAG Patterns and Vector Search in Generative AI
RAG Patterns and Vector Search in Generative AIUdaiappa Ramachandran
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IES VE
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationIES VE
 

Último (20)

The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
 
Spring24-Release Overview - Wellingtion User Group-1.pdf
Spring24-Release Overview - Wellingtion User Group-1.pdfSpring24-Release Overview - Wellingtion User Group-1.pdf
Spring24-Release Overview - Wellingtion User Group-1.pdf
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership Blueprint
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
 
Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdf
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and Istio
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 Workshop
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond Ontologies
 
Cloud Revolution: Exploring the New Wave of Serverless Spatial Data
Cloud Revolution: Exploring the New Wave of Serverless Spatial DataCloud Revolution: Exploring the New Wave of Serverless Spatial Data
Cloud Revolution: Exploring the New Wave of Serverless Spatial Data
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdf
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
 
RAG Patterns and Vector Search in Generative AI
RAG Patterns and Vector Search in Generative AIRAG Patterns and Vector Search in Generative AI
RAG Patterns and Vector Search in Generative AI
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
 

Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certification | Edureka

  • 1. CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
  • 2. CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training Improving Critical Infrastructure Cybersecurity Why Cybersecurity Framework? Types of Cybersecurity Framework Cybersecurity Framework Components Agenda Steps to Implement Framework Coordination of Framework Implementation
  • 3. CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training Improving Critical Infrastructure Cybersecurity Executive Order 13636 12 February 2013 “It is the policy of the United States to enhance the security and resilience of the Nation’s critical infrastructure and to maintain a cyber environment that encourages efficiency, innovation, and economic prosperity while promoting safety, security, business confidentiality, privacy, and civil liberties”
  • 4. CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training According to the Executive Order… Align policy, business and technological approaches to address cyber risks Prioritized, flexible, repeatable, performance-based, and cost- effective approach Identify areas for improvement to be addressed through future collaboration Be consistent with voluntary international standards
  • 5. CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training Why Cybersecurity Framework? It Results in a shift from compliance to action and specific outcomes It has built-in maturity model and gap analysis so you don't need additional maturity model on top of CSF It gives you a measure of where you are and where you need to go It can be implemented in stages or degrees which makes it more appealing to business
  • 6. CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training What Is Cybersecurity Framework? The Framework is voluntary guidance, based on existing guidelines, and practices for organizations to better manage and reduce cybersecurity risk. CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
  • 7. CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training Types of Frameworks PCI-DSS It is designed to protect credit card, debit card, and cash card transactions ISO 27001/27002 Best practice recommendations for information security management and information security program elements. CIS-Critical Security Controls cyber protection that give noteworthy approaches to stop the present most inescapable attacks NIST Framework Improving critical infrastructure Cybersecurity to improve organization’s risks by leveraging standard methodologies and processes
  • 8. CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training NIST: Most Popular among Frameworks NIST framework was developed in Feb 2013 after US Presidential Executive order To address national and economic security challenges Reduce cyber risks to critical Infrastructure To be voluntary (for private sector) Collaboratively developed with stakeholders
  • 9. CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training Objectives of the Framework Adaptable, flexible, and scalable Improve Organization’s readiness for managing cybersecurity risk Flexible, repeatable, and performance based Cost-effective Leverage standards, methodologies and processes Promote technology innovation Actionable across the enterprise- focus on outcomes 01 02 03 04 05 06 07
  • 10. CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training Cybersecurity Framework Components Framework Profile Framework Implementation Tiers Framework Core Are an association’s novel arrangement of their organizational prerequisites and goals, and assets against the coveted results of the Framework Core. Guides associations in overseeing and decreasing their Cybersecurity chances in a way that supplements an association’s current Cybersecurity and risk management processes. Describes how cybersecurity risk is managed by an organization and degree the risk management practices exhibit key characteristics
  • 11. CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training Framework Implementation Tiers Tier 1 Partial Tier 2 Risk Informed Tier 3 Repeatable Tier 4 Adaptive The extent to which cybersecurity is considered in broader risk management decisions The degree to which the organization benefits my sharing or receiving information from outside parties The functionality and repeatability of cybersecurity risk managementRisk Management Process Risk Management Program External Participation
  • 12. CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training Framework Core Respond What processes and assets need protection? What techniques can restore capabilities What safeguards are available? What techniques can identify incidents? What techniques can contain impacts on incidents?
  • 13. CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training Framework Core: Identify Function Category ID Identify Asset Management ID.AM Business Environment ID.BE Governance ID.GV Risk Assessment ID.RA Risk Management Strategy ID.RM Protect Access Control PR.AC Awareness and Training PR.AT Data Security PR.DS Information Protection Processes & Procedures PR.IP Maintenance PR.MA Protective Technology PR.PT Detect Anomalies and Events DE.AE Security Continuous Monitoring DE.CM Detection Processes DE.DP Respond Response Planning RS.RP Communications RS.CO Analysis RS.AN Mitigation RS.MI Improvements RS.IM Recover Recovery Planning RC.RP Improvements RC.IM Communications RC.CO This function helps with building up a hierarchical comprehension in overseeing cybersecurity to frameworks, individuals, resources, information, and capacities
  • 14. CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training Framework Profiles: Protect Function Category ID Identify Asset Management ID.AM Business Environment ID.BE Governance ID.GV Risk Assessment ID.RA Risk Management Strategy ID.RM Protect Access Control PR.AC Awareness and Training PR.AT Data Security PR.DS Information Protection Processes & Procedures PR.IP Maintenance PR.MA Protective Technology PR.PT Detect Anomalies and Events DE.AE Security Continuous Monitoring DE.CM Detection Processes DE.DP Respond Response Planning RS.RP Communications RS.CO Analysis RS.AN Mitigation RS.MI Improvements RS.IM Recover Recovery Planning RC.RP Improvements RC.IM Communications RC.CO This function develop and implement the appropriate safeguards and controls to ensure delivery of critical infrastructure services
  • 15. CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training Framework Profiles: Detect Function Category ID Identify Asset Management ID.AM Business Environment ID.BE Governance ID.GV Risk Assessment ID.RA Risk Management Strategy ID.RM Protect Access Control PR.AC Awareness and Training PR.AT Data Security PR.DS Information Protection Processes & Procedures PR.IP Maintenance PR.MA Protective Technology PR.PT Detect Anomalies and Events DE.AE Security Continuous Monitoring DE.CM Detection Processes DE.DP Respond Response Planning RS.RP Communications RS.CO Analysis RS.AN Mitigation RS.MI Improvements RS.IM Recover Recovery Planning RC.RP Improvements RC.IM Communications RC.CO This Function characterizes the fitting exercises to recognize the event of a Cybersecurity occasion. The Detect Function empowers opportune revelation of Cybersecurity occasions.
  • 16. CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training Framework Profiles: Respond Function Category ID Identify Asset Management ID.AM Business Environment ID.BE Governance ID.GV Risk Assessment ID.RA Risk Management Strategy ID.RM Protect Access Control PR.AC Awareness and Training PR.AT Data Security PR.DS Information Protection Processes & Procedures PR.IP Maintenance PR.MA Protective Technology PR.PT Detect Anomalies and Events DE.AE Security Continuous Monitoring DE.CM Detection Processes DE.DP Respond Response Planning RS.RP Communications RS.CO Analysis RS.AN Mitigation RS.MI Improvements RS.IM Recover Recovery Planning RC.RP Improvements RC.IM Communications RC.CO This Function develop and implement the appropriate activities and controls to identify occurrence of a cybersecurity event. It bolsters the capacity to contain the effect of a potential Cybersecurity occurrence.
  • 17. CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training Framework Profiles: Recover Function Category ID Identify Asset Management ID.AM Business Environment ID.BE Governance ID.GV Risk Assessment ID.RA Risk Management Strategy ID.RM Protect Access Control PR.AC Awareness and Training PR.AT Data Security PR.DS Information Protection Processes & Procedures PR.IP Maintenance PR.MA Protective Technology PR.PT Detect Anomalies and Events DE.AE Security Continuous Monitoring DE.CM Detection Processes DE.DP Respond Response Planning RS.RP Communications RS.CO Analysis RS.AN Mitigation RS.MI Improvements RS.IM Recover Recovery Planning RC.RP Improvements RC.IM Communications RC.CO The Recover Function distinguishes proper exercises to keep up plans for versatility and to re-establish any abilities or administrations that were impeded because of a Cybersecurity event.
  • 18. CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training Framework Profile Profiles can be used to identify opportunities for improving Cybersecurity posture by comparing the current profile (“as is” state with the target profile (“to be” state)
  • 19. CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training Steps to Implement Framework Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Prioritize & scope Create a Current Profile Create a Target Profile Orient Conduct a Risk Assessment Determine, analyze & prioritize gaps Step 7 Implement Action Plan
  • 20. CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training Coordination of Framework Implementation Risk Management Implementation
  • 21. Copyright © 2018, edureka and/or its affiliates. All rights reserved. Don’t just learn it, MASTER it with