A Comprehensive Guide to the NIST Cybersecurity Framework 2.0
Strategies, Implementation, and Best Practice
- English
- PDF
About This Book
Learn to enhance your organization's cybersecurity through the NIST Cybersecurity Framework in this invaluable and accessible guide.
The National Institute of Standards and Technology (NIST) Cybersecurity Framework, produced in response to a 2014 US Presidential directive, has proven essential in standardizing approaches to cybersecurity risk and producing an efficient, adaptable toolkit for meeting cyber threats. As these threats have multiplied and escalated in recent years, this framework has evolved to meet new needs and reflect new best practices, and now has an international footprint. There has never been a greater need for cybersecurity professionals to understand this framework, its applications, and its potential.
A Comprehensive Guide to the NIST Cybersecurity Framework 2.0 offers a vital introduction to this NIST framework and its implementation. Highlighting significant updates from the first version of the NIST framework, it works through each of the framework's functions in turn, in language both beginners and experienced professionals can grasp. Replete with compliance and implementation strategies, it proves indispensable for the next generation of cybersecurity professionals.
Readers of A Comprehensive Guide to the NIST Cybersecurity Framework 2.0 will also find:
- Clear, jargon-free language for both beginning and advanced readers
- Detailed discussion of all NIST framework components, including Govern, Identify, Protect, Detect, Respond, and Recover
- Hundreds of actionable recommendations for immediate implementation by cybersecurity professionals at all levels
A Comprehensive Guide to the NIST Cybersecurity Framework 2.0 is ideal for cybersecurity professionals, business leaders and executives, IT consultants and advisors, and students and academics focused on the study of cybersecurity, information technology, or related fields.
Table of contents
- Cover
- Title Page
- Copyright
- Contents
- Preface
- Acknowledgments
- Chapter 1 Introduction
- Chapter 2 Understanding the NIST Cybersecurity Framework 2.0
- Chapter 3 Cybersecurity Controls
- Chapter 4 Compliance and Implementation
- Chapter 5 Organizational Context (GV.OC)
- Chapter 6 Risk Management Strategy (GV.RM)
- Chapter 7 Roles, Responsibilities, and Authorities (GV.RR)
- Chapter 8 Policy (GV.PO)
- Chapter 9 Oversight (GV.OV)
- Chapter 10 Cybersecurity Supply Chain Risk Management (GV.SC)
- Chapter 11 Asset Management (ID.AM)
- Chapter 12 Risk Assessment (ID.RA)
- Chapter 13 Improvement (ID.IM)
- Chapter 14 Identity Management, Authentication, and Access Control (PR.AA)
- Chapter 15 Awareness and Training (PR.AT)
- Chapter 16 Data Security (PR.DS)
- Chapter 17 Platform Security (PR.PS)
- Chapter 18 Technology Infrastructure Resilience (PR.IR)
- Chapter 19 Continuous Monitoring (DE.CM)
- Chapter 20 Adverse Event Analysis (DE.AE)
- Chapter 21 Incident Management (RS.MA)
- Chapter 22 Incident Analysis (RS.AN)
- Chapter 23 Incident Response Reporting and Communication (RS.CO)
- Chapter 24 Incident Mitigation (RS.MI)
- Chapter 25 Incident Recovery Plan Execution (RC.RP)
- Chapter 26 Incident Recovery Communication (RC.CO)
- Appendix A: Glossary of Terms
- Appendix B: Descriptions of NIST 800-53 Controls
- Index of 800-53 Controls used in the CSF
- EULA