• Skip to main content
  • Skip to primary sidebar

ConvoCourses

Cyber Security Compliance and IT Jobs

  • Cyber Security Training
  • about me.
  • Information Assurance Jobs

cybersecurity framework

Information Security Framework aka System Compliance

January 15, 2016 by Bruce Brown Leave a Comment

What are Cyber Security Standards?
These are rules that put in place to protect every aspect of an information system.

Also know as information system security standards, information security framework, security system compliance, information system compliance, risk management framework. There are also many types that specialize on different functions of a given industry. For example the medical industry has a standard for protecting patient information called HIPAA which is an acronym for the Health Insurance Portability and Accountability Act that was passed by Congress in 1996. And there is a standard for protecting point of sale and merchant systems called PCI. There are many others.. but the mission is the same… to protect the confidentiality, availability and integrity of important data.

Filed Under: cyberspace workforce, information system compliance Tagged With: CISSP, compliance, cybersecurity framework, DIACAP, DIARMF, DSS, framework, hippa, ISO 27001, PCI, rmf, sarbanes oxley, SOX, system compliance

Cybersecurity Workforce Framework APP (part 1)

July 27, 2015 by Bruce Brown Leave a Comment

Cybersecurity Workforce Framework 8140
Cybersecurity Workforce Framework

App_Store_Badge_135x40_Master_062012

google-play-en@2x_135_40

App now available on the app store

We are working on an app that will allow quick navigation of the National Cybersecurity Workforce Framework version 2.  It will be pretty simple for now.

Version 1.x features Will Include:

  • All Categories mapped to Special Areas
  • All KSA
  • All TSA

In future versions we will include certifications that apply to each Special Area.  I am waiting for DoDD 8140 because I think it will match up with National Cybersecurity Workforce Framework version 2.

cybersecurity workforce app
cybersecurity workforce app
cybersecurity workforce app
cybersecurity workforce app
cybersecurity workforce app
cybersecurity workforce app
cybersecurity workforce app
cybersecurity workforce app

Filed Under: cyberspace workforce, NIST Security Framework, risk management Tagged With: cybersecurity, cybersecurity framework, Cybersecurity Workforce Framework, National Initiative for Cybersecurity Education

Cybersecurity Framework

April 30, 2014 by Bruce Brown Leave a Comment

Adam Sedgewick, Senior Information Technology Policy Advisor at the National Institute of Standards and Technology (NIST) spoke at RSA Conference 2014.

Adam Sedgewick touched on the key elements of the cyber security framework.  Cyber security is designed for critical infrastructure operators to safeguard their information assets.

Adam addresses critics who say the framework is over simplified to be effective.

Cyber security framework will evolve from version 1 that was issued in mid-February (see NIST Releases Cybersecurity Framework).

More on Critical Infrastructure Framework Cyber security.  This document is a guide for implementing Executive Order 13636, “Improving Critical Infrastructure Cybersecurity,”

Adam represents NIST on the Department of Commerce Internet Policy Task Force and advices NIST leadership on cybersecurity issues:

“Recognizing the role that the protection of privacy and civil liberties plays in creating greater public trust, the Executive Order requires that the Framework include a methodology to protect individual privacy and civil liberties when critical infrastructure organizations conduct cybersecurity activities. Many organizations already have processes for addressing privacy and civil liberties. The methodology is designed to complement such processes and provide guidance to facilitate privacy risk management consistent with an organization’s approach to cybersecurity risk management. Integrating privacy and cybersecurity can benefit organizations by increasing customer confidence, enabling more standardized sharing of information, and simplifying operations across legal regimes.” — Cyberframework

Filed Under: cyberspace workforce, DIARMF Tagged With: Adam Sedgewick, cybersecurity, cybersecurity framework, cyberspace workforce

Primary Sidebar

search


This is a breakdown of each of the NIST 800-53 security control families and how they relate to each step in the NIST 800-37 risk management framework process.

also available on Amazon!

View Book


This is a breakdown of each of the NIST 800-53 security control families and how they relate to each step in the NIST 800-37 risk management framework process.

also available on Amazon!

View Book


This book is an overview of how the NIST SP 800-37 risk management framework works from the perspective of an information system security officer (ISSO).

also available on Amazon!

View Book

NIST RMF 800-37 templates
Free 800-37 templates

The NIST 800 Template download contains a .doc file template and xls templates for POAMs, Federal, State, cloud based and a legacy template as well as resources where you can find more on NIST 800-37 documents for your use.

View Book

Learn to Make 6 Figures in CyberSecurity

RMF ISSO Foundations Training
RMF ISSO Foundations Training

RMF ISSO Foundations

I was an Information System Security Officer (ISSO) doing Risk Management Framework (NIST SP 800-37) for over a decade. I am a Cybersecurity veteran and I can explain (in plain English) what you DO in the Risk Management Framework process as an ISSO.

View Course

NIST SP 800-37 Presentation
NIST SP 800-37 Presentation

View Course

login

  • Register
  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

Recent Posts

  • Cybersecurity Jobs Resume Marketing: Book 1 Find Cybersecurity jobs
  • Security Control Assessor (SCA) Methods table top exercise
  • Cybersecurity Pro opinion about Tiktok
  • Las Vegas teleworking
  • STIGS in the RMF Process

Meta

  • Register
  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

Recent Comments

  • http://Www.Finance.Ipt.Pw/ on SRG/STIG Applicability Guide and Collection Tool Update
  • Elsa7 on ConvoCourses podcast: Cyber Security day to day activity
  • Tony on STIG Update – DISA has released the Microsoft SQL Server 2016 STIG Version 1
  • horloge on SCAP Compliance Checker SCC)
  • 218 Information assurance Success Criteria – ITSECURITYSURVIVAL.COM on Information Assurance Vulnerability Alert

Tags

8140 8570 ArcSight c&a CISSP convocourses cyber cybersecurity cyber security DIACAP DIARMF diarmf - implement disa DISA STIG dodd 8140 dodd 8140 cyberspace workforce HBSS IA implement implementation info assurance information assurance information security ISSO it jobs it jobs in usa job jobs Linux mcafee network nist nist risk management framework nist risk management framework 800-37 podcast risk risk assessment risk management risk management framework rmf security STIG stigs unix windows


This is a breakdown of each of the NIST 800-53 security control families and how they relate to each step in the NIST 800-37 risk management framework process.

also available on Amazon!

View Book

Copyright © 2023 · Author Pro on Genesis Framework · WordPress · Log in