Lucas Hathaway’s Post

As a rule of thumb - If a system has member or customer information, consider it a critical system and plan to include it in your cybersecurity risk assessment

📰 Yesterday NIST released v2.0 of NIST Cyber Security Framework - most common use framework for assessing Cybersecurity of Organization. We use this tool quite often when working with Clients on vCISO services delivery. ❗ Take a look on new NIST CSF framework here - https://lnkd.in/gFzpEZ2 ❗ ❗ Here is also small infographic on vCISO service offering - https://lnkd.in/d7JrCwx4

In case you missed it, two days ago, NIST released a new version of the CSF (Cyber Security Framework). ⁉ Why is it important? If you manage your company and do not know where to start with your security resilience, it's an ideal tool to guide you on the areas and topics that you should focus on. A few points for your attention: ❗ The CSF is not as detailed as PCI standards. If you expect specific requirements, refer to the standards listed in the "Reference" section. ♒ It enables you to prioritize your areas of interest. 🌀 It allows you to approach your cyber resilience holistically If you struggle with self-assessment - let us know.

The National Institute of Standards and Technology (NIST) has released the updated Cybersecurity Framework (CSF) 2.0 to address evolving cybersecurity risks. This version is designed to be accessible to organizations of all sizes and sophistication levels, offering expanded core guidance and tailored resources. https://lnkd.in/gpsSny2r

Great to see version 2 of the NIST Cyber Security Framework published yesterday and strongly recommend that anyone with a professional interest in cyber security has a read. It is an evolution of the previous version, which is good since it makes migration easier and includes a number of positive changes to make the framework more usable. In particular, duplication has been reduced, the categories re-ordered to offer a more logical alignment with business processes, and informative references introduced to help interpret the categories. The headline change is the introduction of a central "GOVERN" function under which all the core governance categories sit and will be integral to engaging with boards to help them understand their cyber security responsibilities.

Where are my GRC people at? Or you know what, now you don't even have to be in GRC to understand the NIST Cybersecurity framework (CSF). I think the newly (very new, 26th February 24') NIST CSF 2.0 is sort of a game changer for the NIST cyber security universe. Excited to see the efforts put into actually creating something usable -> understandable <- for smaller companies, but also for people who might not be cybersecurity experts. Make sure to browse the quick start guides. Well done NIST, a step in the right direction. 🤘

The National Institute of Standards and Technology (NIST) has recently updated their Cyber Security Framework to Version 2. What is interesting in this update is the call out of "Governance" as a separate function. This highlights nicely the need to think of cyber being more than just a set of risks and technical mitigations, but rather as something that holistically supports, and aligns to, the wider business. Our customers sometimes struggle with this alignment and the updated framework provides great guidance on how to do this. #nistcsf #cyberresilience

Building a Cybersecurity Framework? Look no further than the NIST Cybersecurity Framework (NIST CSF)! This framework provides organizations with comprehensive guidance and best practices to improve information security and cybersecurity risk management. Learn more about the NIST CSF and how it can benefit your organization in this informative video. #cybersecurity #NISTCSF Link to video: https://lnkd.in/e62W5QCb

NIST Cybersecurity Framework 2.0 is now available! This update is designed to be accessible to all audiences, industry sectors, and organization types, regardless of their degree of cybersecurity sophistication. Check out the link below to learn more about how you can improve your cybersecurity measures. https://lnkd.in/eYBvdG8d

Security-minded MSPs can clarify SMB misconceptions around cybersecurity risk assessments by providing an accurate and transparent assessment process. Competitive advantages will follow.