Keynote Session : NIST - Cyber Security Framework Measuring Security

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Critical Security Framework
MEASURING Security
Dick Bussiere | Technical Director | Asia Pacific

Turbo Agenda
 Whatisthe NISTCybersecurityFramework?
 Why YOUshould care?
 How wouldIapplyit?
 How wouldImeasuremy effe...

Things to Ponder
 205 Days until breach detected (APAC
Average)?
 Can you say with certainty that you are100%
Secure?
 ...

Heard on the street…
Of organizations believesecurity should be a top
orhigh priority of the business
Of CEO’s viewsecurit...

IF YOU CAN’T
MEASUREYOU CAN’T
CONTROL

IF YOU CAN’T
MEASUREYOU CAN’T
IMPROVE

The Survey Says…
Security Frameworks guide the way…
• 84% Leverage a security framework
• Broad range of company sizes
Wid...

Why Cyber Security Framework?
 Asksthe question“whatareyoudoing toimprove” ratherthan“did
youimplement controlXYZ”
 Resu...

 Repeatable
 Flexible
 TechnologyNeutral
 CostEffective
 Measurable!
 CommonLanguage
WhyCyber Security Framework?

Objectives of CSF in a nutshell
Describe
Current
Security
Posture
Describe
TargetSecurity
Posture
Continuous
Improvement
A...

A Frameworkof Frameworks
ISO/IEC27001
CCSCSC1
ISA62443
NISTSP 800-53
COBIT 5
NISTCYBERSECURITY FRAMEWORK
5in 1!

CSF Component 1 – FrameworkCore
Framework
Core
Identify
Detect
RespondRecover
Protect

Structure
Microsoft Excel
Worksheet

CSF Component 2 – FrameworkImplementation Tiers
Partial
Risk Informed
Repeatable
Adaptable
 How cybersecurity risks and p...

CSF Component 3 – FrameworkProfile
 Presents overview of present and future
cybersecurity posture
 BusinessRequirements
...

How is CSF Different?
 Expresses cybersecurity activities in a common language
 Leverages existing standards –does not r...

Endpoint
Assessment
Network
Monitoring
Analytics
Event
Monitoring
Ingredients to Measuring
Compliance

Thank You
Dick Bussiere | Technical Director | Asia Pacific

Share Slideshare

LinkedIn
Facebook
Twitter

Embed

Size (px)

Show related Slideshows at end

WordPress Shortcode

Link

Share
Email

Security Strategy and Tactic with C... by Priyanka Aash 1960 views
Keynote Session : Internet Of Thing... by Priyanka Aash 1047 views
Network Forensics and Practical Pac... by Priyanka Aash 5596 views
Practical Applications of Block Cha... by Priyanka Aash 11750 views
Risk Analysis using open FAIR and A... by Priyanka Aash 6615 views
Keynote Session : The Non - Evoluti... by Priyanka Aash 757 views

View on Slideshare

1 of 21 Ad

View on Slideshare

1 of 21 Ad