From the course: Security for the SMB: Implementing the NIST Cybersecurity Framework
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Building a cybersecurity program
From the course: Security for the SMB: Implementing the NIST Cybersecurity Framework
Building a cybersecurity program
- [Instructor] The NIST CSF also provides steps illustrating how an organization can use the framework to create a new cybersecurity program or improve an existing one. The steps are one: prioritize and scope; two: orient; three: create a current profile; four: conduct a risk assessment; five: create a target profile; six: determine, analyze and prioritize gaps; and seven: implement an action plan. These steps should be repeated as necessary to continuously improve cybersecurity. Let me quickly explain each step. In the first step, prioritize and scope, the organization identifies its business and mission objectives and high-level organizational priorities. This is what's important to your overall organization, a specific line of business, or department. You can use this information throughout the process to align cybersecurity activities and controls, ensuring they are cost-effective. Take a minute to think about what's…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.