Matthew Barrett

Publications

Using Business Impact Analysis to Inform Risk Prioritization and Response

February 26, 2025

Author(s)

Stephen Quinn, Nahla Ivy, Julie Anne Chua, Matthew Barrett, Larry Feldman, Daniel Topper, Greg Witte, Robert Gardner

While business impact analysis (BIA) has historically been used to determine availability requirements for business continuity, the process can be extended to

Prioritizing Cybersecurity Risk for Enterprise Risk Management

February 26, 2025

Author(s)

Stephen Quinn, Nahla Ivy, Matthew Barrett, Greg Witte, Robert Gardner

This document is the second in a series that supplements NIST Interagency Report (IR) 8286, Integrating Cybersecurity and Enterprise Risk Management (ERM). This

NIST Cybersecurity Framework 2.0: Quick-Start Guide for Using the CSF Tiers

October 21, 2024

Author(s)

Stephen Quinn, Cherilyn Pascoe, Matthew Barrett, Karen Scarfone, Gregory Witte

This Quick-Start Guide describes how to apply the CSF 2.0 Tiers. CSF Tiers can be applied to CSF Organizational Profiles to characterize the rigor of an

NIST Cybersecurity Framework 2.0: Enterprise Risk Management Quick-Start Guide

October 21, 2024

Author(s)

Stephen Quinn, Victoria Pillitteri, Matthew Barrett, Matthew Smith, Gregory Witte

This guide provides an introduction to using the NIST Cybersecurity Framework (CSF) 2.0 for planning and integrating an enterprise-wide process for integrating

National Online Informative References (OLIR) Program: Submission Guidance for OLIR Developers

February 26, 2024

Author(s)

Nicole Keller, Stephen Quinn, Matthew Barrett, Karen Scarfone, Matthew Smith, Vincent Johnson

The National Online Informative References (OLIR) Program is a NIST effort to facilitate subject matter experts in defining standardized Online Informative

View more Publications

Matthew Barrett (Assoc)

Publications