CYB:405-WK1-NIST-PUBLICATIONS-AND-OUTCOMES

School: University of Phoenix
Course: 405
Subject: Information Systems
Date: Apr 3, 2024
Type: docx
Pages: 6
Uploaded by lejb1288

CYB/405-WK1-NIST-PUBLICATIONS-AND-OUTCOMES

Week 1 Apply: NIST Publications and Outcomes

| SP Number | SP Name | SP Purpose |
|---|---|---|
| SP 800-30 | Guide for conducting risk assessments. | Provides information on how to assess the risk component of risk management. |
| SP 800-34 | A guide for contingency plan and development. | It gives you instructions and recommendations for your information technology systems contingency planning. |
| SP 800-37 | A guide for using the risk management framework. | An overall and more comprehensive risk management process. |
| SP 800-39 | How to manage information security risk. | Provides a set of steps for an integrated organization. A wide program for managing all your information security risks to your organizational operations, such as missions, functions, images, and reputations, assets, individuals, and other organizations. |
| SP 800-53 | A catalog with several types of security controls and assessment procedures. | It helps provide the standards and guidelines for federal agencies to architect and manage their information security systems. |

The comparison between the structure operating in the global marketplace and the NIST-based structure is as follows. The global standard, ISO 27001, is the international standard that sets out the detail for a data management framework. It assists organizations with handling their data security by addressing people and processes as well as technology. The National Institute of Standards and Technology (NIST) is a non-regulatory agency under the US Department of Commerce. Its priority is to create standards that can be applied to different organizations. It creates these guidelines to help organizations set their security policies and ensure their data is protected. These guidelines help ensure consistency in your network security. NIST compliance provides several types of guidelines for many requirements in your organization, such as those in the table provided above. All guidelines influence security governance and can help provide better control over your entire organization. They also help in creating the organization's desired outcomes.

The NIST 800 series has many reports that set out the United States government's computer security policies, procedures, and guidelines, for authorization of security rules and as a legal reference in case of litigation involving security issues. ISO 27001 is not as specialized, but more risk centered, for organizations of all shapes and sizes. NIST 800, by contrast, is more security-control driven, with a wide array of groups to facilitate best practices related to government information systems.

A NIST-based structure considers the main components of the Framework for Improving Critical Infrastructure Cybersecurity and provides the foundational knowledge needed to understand its importance. The three main components are the implementation tiers, the framework core, and the profiles. The framework implementation tiers help create your organization's cybersecurity risk management practices. Next, the framework core helps create a set of rules that include activities and outcomes organized by categories; these activities cover identification, protection, detection, and recovery. Lastly, the framework profiles establish a bridge between your organizational requirements and objectives, targeted towards a desired outcome.

The main purpose of the special publications is to help create governance in risk management, asset management, privacy, and contingency planning. One of the biggest problems for organizations is information security. Because of so many technological advancements, it is becoming very difficult for businesses and government sectors to stay ahead and prevent cyber-attacks. NIST's main mandate is to provide guidance for compliance with federal regulations governing information technology.
In the global marketplace there is a lack of standardized governance for addressing policy and compliance issues. Other countries around the world do not have the same standards, if they have any at all. Some countries are included in some global attempt to create a level field for corporate IT governance. The lack of this between different countries has made it difficult to establish a global standardized initiative.

NIST compliance influences information security governance and is a part of formulating the organization's desired outcomes: first, by ensuring the security of the organization's infrastructure, and second, by laying the foundation protocols for organizations to follow when achieving compliance with specific regulations, such as HIPAA or FISMA. NIST also gives organizations all the steps needed for FISMA compliance. These include identifying the categories of data and information that need to be protected; developing the baseline for the absolute minimum controls required to protect your data; providing risk assessments for refining baseline controls; documenting these baseline controls in your security plan; rolling out security controls to your information systems; monitoring performance to test how effective your security controls are; determining agency-level risks based on your assessment of your security controls; authorizing your information system for processing; and providing continuous monitoring of security controls.

Not including information security governance in your organization's business strategy can make it impossible for your organization to prevent cybersecurity hacks, which will lead to consumer and organizational privacy issues, federal fines and penalties for not adhering to the rules, lawsuits, data breaches and many other issues.