“…The course kicks off with an exploration of NIST Cybersecurity and Risk Management Frameworks, offering insights into their significance in today's digital landscape. …”

Tabla de Contenidos: “…Intro -- Copyright Page -- Contents -- Foreword -- Preface -- About the authors -- Acknowledgments -- Chapter 1: Looking through the wrong end of the telescope -- 1.1: For NIST Cybersecurity Professional (NCSP) students -- 1.2: Using the book -- 1.3: The rest of the story -- Chapter 2: A clear and present danger -- 2.1: Digital evolution and the expanding attack surface -- 2.2: Evolving threat landscape -- 2.3: Lessons learned -- Chapter 3: Cybersecurity and business risk -- 3.1: Understanding enterprise risk management -- 3.2: ERM is an essential precursor to the adoption of the NIST-CSF -- 3.3: Introducing the CPD Model -- Chapter 4: Introduction to the NIST-CSF -- 4.1: Framework Core -- 4.2: Implementation Tiers -- 4.3: Framework Profiles -- 4.4: Create or improve a cybersecurity program -- Chapter 5: Introduction to NIST-CSF and the CPD Model -- 5.1: The "first principles" of the CPD Model -- 5.2: NIST-CSF and the CPD Model -- 5.3: Cybersecurity and the CPD Model -- Chapter 6: Beyond the Framework? …”

“…The NIST CSF is a framework for organizations to manage and mitigate cybersecurity risk based on existing standards, guidelines, and practices…”

“…The NIST CSF is a framework for organizations to manage and mitigate cybersecurity risk based on existing standards, guidelines, and practices…”

Tabla de Contenidos: “…Cover -- Copyright -- Foreword -- Contributors -- Table of Contents -- Preface -- Part 1: Introduction to the NIST Risk Management Framework -- Chapter 1: Understanding Cybersecurity and Risk Management -- Introduction to cybersecurity fundamentals -- The digital revolution -- Defining cybersecurity -- The cybersecurity imperative -- The journey begins -- Overview of risk management concepts -- The nature of risk -- The risk management process -- Risk management in cybersecurity -- NIST and risk management -- Identifying common cyber threats -- Types of cyber threats -- Recognizing the signs -- Recognizing vulnerabilities -- Common vulnerabilities -- Vulnerability scanning tools -- NIST frameworks - compare and contrast -- NIST CSF -- NIST RMF -- Comparison and contrast -- Summary -- Chapter 2: NIST Risk Management Framework Overview -- The history and evolution of the NIST RMF -- Precursors to the RMF -- The emergence of the NIST RMF -- Why it matters -- The key components and stages of the RMF -- The core components of the NIST RMF -- The stages of the NIST RMF -- Roles and responsibilities in the RMF -- Authorizing Official -- Chief Information Officer -- Chief Information Security Officer -- Information System Owner -- Security Control Assessor -- Security Officer -- Summary -- Chapter 3: Benefits of Implementing the NIST Risk Management Framework -- Advantages of adopting NIST RMF -- Structured approach to risk management -- Alignment with industry standards -- A holistic approach to risk management -- Efficiency through standardization -- Enhanced security posture -- Compliance and regulatory alignment -- Risk reduction and resilience -- Cost efficiency -- Informed decision-making -- Flexibility and adaptability -- Compliance and regulatory considerations -- A common compliance challenge -- The role of the NIST RMF…”

Tabla de Contenidos: “…Intro -- Copyright Page -- Contents -- Foreword -- Preface -- About the authors -- Acknowledgments -- 1 The journey -- 1.1 Using the book -- 1.2 For NIST Cybersecurity Professional students -- 1.3 The rest of the story -- 2 Be the menace within - a proactive approach -- 2.1 Identify and prioritize business systems -- 2.2 Being the menace -- 2.3 Understanding strategy-risk -- 3 Systems: simple, complex, complicated, and resilient -- 3.1 Speaking in systems -- 3.2 Leverage, change, and adaptive resilience -- 3.3 Knowledge management and systems -- 3.4 Working at the edge of chaos -- 4 Cybersecurity and the Digital Value Management SystemTM -- 4.1 Exploring the DVMS -- 4.2 A systems view of the CPD Model -- 5 Adapting the way we work -- 5.1 An adaptive way of working -- 5.2 A principled approach to creating, protecting, and delivering digital business value -- 5.3 Organizing to create, protect, and deliver (CPD) digital business value -- 5.4 The DVMS FastTrack approach -- 5.5 Agility and resilience (the CPD Model and cybersecurity) -- 6 Cybersecurity within a system -- 6.1 A systems approach to cybersecurity -- 6.2 Overview of the practice relationships within the DVMS -- 6.3 Applying the DVMS FastTrack approach -- 7 Digital business risk management -- 7.1 Mental models and perspectives -- 7.2 Z-X Model capabilities, practice areas, and practices -- 7.3 Cybersecurity and Z-X Model capabilities -- 7.4 Applied GQM and QO-QM: The role of performance measurement -- 8 The DVMS as a scalable overlay -- 8.1 Scalability? …”

“…The NIST 800-37 Risk Management Framework is a set of guidelines and best practices developed by the National Institute of Standards and Technology to assist organizations in managing and mitigating information security risks effectively. …”

“…NIST standard reference database ; 46…”

“…A Comprehensive Guide to the NIST Cybersecurity Framework 2.0 offers a vital introduction to this NIST framework and its implementation. …”

Tabla de Contenidos: “…Intro -- Title page -- Copyright -- Dedication -- Academic Foreword -- Acknowledgments -- Preface - Overview of the NIST Framework -- Background on the Framework -- Framework Based on Risk Management -- The Framework Core -- Framework Implementation Tiers -- Framework Profile -- Other Aspects of the Framework Document -- Recent Developments At Nist -- CHAPTER 1 Cybersecurity Risk Planning and Management -- Introduction -- I. …”

“…Follow this comprehensive guide as it provides you with a deep understanding of Azure security principles, best practices, and implementation strategies aligned with the NIST Cybersecurity Framework (CSF). The book covers various topics from Azure security to designing and deploying solutions for infrastructure, data, and applications, including identify, protect, detect, respond, and recover solutions, in line with the NIST CSF. …”

Ver más información

Tabla de Contenidos: “…-- Chapter 8: Increasing Program Maturity -- Chapter 9: Targeted Non-technical Testing -- Chapter 10: Targeted Technical Testing -- Part III: Applying the Results to Everyday Needs -- Chapter 11: Refreshing the Risk Register -- Chapter 12: The Cybersecurity Roadmap -- Part IV: Continuous Improvement -- Chapter 13: Investing for Risk Reduction -- Chapter 14: Third Party-Risk: Beyond the BAA -- Chapter 15: Social Media, BYOD, IOT and Portability -- Chapter 16: Risk Treatment and Management -- Chapter 17: Customizing the Risk Analysis -- Chapter 18: Think Offensively -- Appendix A. NIST CSF Internal Controls -- Appendix B. NIST CSF to HIPAA Crosswalk -- Appendix C: Risk Analysis Templates.- …”

Acceso restringido con credenciales UPSA

Tabla de Contenidos: “…Front Cover; Contents; Introduction; Entity-Level Policies and Procedures; Access-Control Policies and Procedures; Change Control and Change Management; System Information Integrity and Monitoring; System Services Acquisition and Protection; Informational Asset Management; Continuity of Operations; Appendix A: ISO/IEC 27001(Annex A) Controls(c) ISO; Appendix B: NIST SP 800-53 Controls; Appendix C: HIPAA Security Rule; Appendix D: PCI DSS V2.0 Controls; Appendix E: Agreed-Upon Procedures (AUPs) V5.0; Back Cover…”