A Comprehensive Guide to the NIST Cybersecurity Framework 2.0 - Jason Edwards

A Comprehensive Guide to the NIST Cybersecurity Framework 2.0

Strategies, Implementation, and Best Practice

(Autor)

Buch | Hardcover
448 Seiten
2024
John Wiley & Sons Inc (Verlag)
978-1-394-28036-0 (ISBN)
114,10 inkl. MwSt
Learn to enhance your organization’s cybersecurit y through the NIST Cybersecurit y Framework in this invaluable and accessible guide

The National Institute of Standards and Technology (NIST) Cybersecurity Framework, produced in response to a 2014 US Presidential directive, has proven essential in standardizing approaches to cybersecurity risk and producing an efficient, adaptable toolkit for meeting cyber threats. As these threats have multiplied and escalated in recent years, this framework has evolved to meet new needs and reflect new best practices, and now has an international footprint. There has never been a greater need for cybersecurity professionals to understand this framework, its applications, and its potential.

A Comprehensive Guide to the NIST Cybersecurity Framework 2.0 offers a vital introduction to this NIST framework and its implementation. Highlighting significant updates from the first version of the NIST framework, it works through each of the framework’s functions in turn, in language both beginners and experienced professionals can grasp. Replete with compliance and implementation strategies, it proves indispensable for the next generation of cybersecurity professionals.

A Comprehensive Guide to the NIST Cybersecurity Framework 2.0 readers will also find:



Clear, jargon-free language for both beginning and advanced readers
Detailed discussion of all NIST framework components, including Govern, Identify, Protect, Detect, Respond, and Recover
Hundreds of actionable recommendations for immediate implementation by cybersecurity professionals at all levels

A Comprehensive Guide to the NIST Cybersecurity Framework 2.0 is ideal for cybersecurity professionals, business leaders and executives, IT consultants and advisors, and students and academics focused on the study of cybersecurity, information technology, or related fields.

Jason Edwards, DM, is an accomplished cybersecurity leader with extensive experience in the technology, finance, insurance, and energy sectors. Holding a Doctorate in Management, Information Systems, and Technology, Jason specializes in guiding large public and private companies through complex cybersecurity challenges. His career includes leadership roles at industry giants like Amazon, USAA, Brace Industrial Group, and Argo Group International. He is a former military cyber officer, adjunct professor, and avid reader and popular on LinkedIn.

Preface xix

Acknowledgments xx

1 Introduction 1

2 Understanding the NIST Cybersecurity Framework 2.0 5

3 Cybersecurity Controls 11

4 Compliance and Implementation 15

5 Organizational Context (GV.OC) 21

6 Risk Management Strategy (GV.RM) 39

7 Roles, Responsibilities, and Authorities (GV.RR) 61

8 Policy (GV.PO) 73

9 Oversight (GV.OV) 81

10 Cybersecurity Supply Chain Risk Management (GV.SC) 91

11 Asset Management (ID.AM) 121

12 Risk Assessment (ID.RA) 143

13 Improvement (ID.IM) 173

14 Identity Management, Authentication, and Access Control (PR.AA) 187

15 Awareness and Training (PR.AT) 207

16 Data Security (PR.DS) 215

17 Platform Security (PR.PS) 227

18 Technology Infrastructure Resilience (PR.IR) 245

19 Continuous Monitoring (DE.CM) 257

20 Adverse Event Analysis (DE.AE) 275

21 Incident Management (RS.MA) 295

22 Incident Analysis (RS.AN) 311

23 Incident Response Reporting and Communication (RS.CO) 325

24 Incident Mitigation (RS.MI) 333

25 Incident Recovery Plan Execution (RC.RP) 341

26 Incident Recovery Communication (RC.CO) 359

A Appendix A: Glossary of Terms 365

B Appendix B: Descriptions of NIST 800-53 Controls 371

Index of 800-53 Controls used in the CSF 425

Erscheinungsdatum
Verlagsort New York
Sprache englisch
Maße 184 x 262 mm
Gewicht 992 g
Themenwelt Mathematik / Informatik Informatik Netzwerke
Technik Elektrotechnik / Energietechnik
ISBN-10 1-394-28036-X / 139428036X
ISBN-13 978-1-394-28036-0 / 9781394280360
Zustand Neuware
Haben Sie eine Frage zum Produkt?
Mehr entdecken
aus dem Bereich
das umfassende Handbuch für den Einstieg in die Netzwerktechnik

von Martin Linten; Axel Schemberg; Kai Surendorf

Buch | Hardcover (2023)
Rheinwerk (Verlag)
29,90
das Praxisbuch für Admins und DevOps-Teams

von Michael Kofler

Buch | Hardcover (2023)
Rheinwerk (Verlag)
39,90