Publications

Displaying 1 - 4 of 4

NIST Cybersecurity Framework 2.0: Enterprise Risk Management Quick-Start Guide

October 21, 2024

Author(s)

Stephen Quinn, Victoria Pillitteri, Matthew Barrett, Matthew Smith, Gregory Witte

This guide provides an introduction to using the NIST Cybersecurity Framework (CSF) 2.0 for planning and integrating an enterprise-wide process for integrating cybersecurity risk management information, as a subset of information and communications

NIST Cybersecurity Framework 2.0: Quick-Start Guide for Using the CSF Tiers

October 21, 2024

Author(s)

Stephen Quinn, Cherilyn Pascoe, Matthew Barrett, Karen Scarfone, Gregory Witte

This Quick-Start Guide describes how to apply the CSF 2.0 Tiers. CSF Tiers can be applied to CSF Organizational Profiles to characterize the rigor of an organization's cybersecurity risk governance and management outcomes. This can help provide context on

Approaches for Federal Agencies to Use the Cybersecurity Framework

August 17, 2021

Author(s)

Jeffrey Marron, Victoria Yan Pillitteri, Jon M. Boyens, Stephen Quinn, Gregory Witte

The document highlights examples for implementing the Framework for Improving Critical Infrastructure Cybersecurity (known as the Cybersecurity Framework) in a manner that complements the use of other NIST security and privacy risk management standards

Guide for Cybersecurity Event Recovery

December 22, 2016

Author(s)

Michael Bartock, Jeffrey Cichonski, Murugiah Souppaya, Matthew C. Smith, Gregory Witte, Karen Scarfone

In light of an increasing number of cybersecurity events, organizations can improve resilience by ensuring that their risk management processes include comprehensive recovery planning. Identifying and prioritizing organization resources helps to guide

Search Publications by: