Building a Cybersecurity Framework
ฝัง
- เผยแพร่เมื่อ 29 ก.พ. 2024
- What is the NIST Cybersecurity Framework? → ibm.biz/BdvVAr
The NIST Cybersecurity Framework (NIST CSF) provides comprehensive guidance and best practices that private sector organizations can follow to improve information security and cybersecurity risk management. IBM Distinguished Engineer, Jeff Crume, walks us through this framework so you can plan on having a robust cybersecurity program.
Get started for free on IBM Cloud → ibm.biz/ibm-cloud-sign-up
Subscribe to see more videos like this in the future → ibm.biz/subscribe-now
Another engaging, relevant, and concise video from Jeff!
I finished MIT's Cybersecurity program and passed the Sec + exam recently. I am pivoting from a non-IT profession and your video content played an instrumental part in developing my understanding of numerous concepts. Please know your work is very impactful. I will continue to follow you throughout my journey to Govern, Protect, Detect, Respond, and Recover!
Thanks so much for all the kind words! I’m so glad to hear that these videos have been helpful! Feedback like yours is what makes it all worthwhile
Best simple video that explains Cybersecurity I have ever watched
Thanks so much for the great feedback!
Wow ! Thank you for covering all the aspects of the NIST framework in such a simple and clear way. I have subscribed to your channel to get more information about cybersecurity concepts.
Great perspective on how you should start with NIST2.0 Risk tolerance and responsibilities before policies, standards, and procedures.
Glad you liked it!
I can’t believe these lessons are free
Just don’t ask for a refund 😂😂😂 but seriously, I’m glad you like them!
@@jeffcrumeLoL . It’s much worth than paid one
My bad the Google course at Coursera taught me it was Incident but I double checked and the video is right.
-I don't wanna be that guy, I mean I've just started studying cybersecurity last December but I'd say it's Security Incident Event Management tools, not Security Information.- Great great video by the way I'm reading the new NIST CSF on the bus on my way to work when I got your video notification. Thank you for doing this. Appreciate it.
It is Security Information and Event Management. A quick online search would show that. It also makes sense because a SIEM collects information and correlates those to create events. A SIEM usually does not determine or manage incidents. The analyst does that based on events reported by the SIEM.
Glad you liked the video! Try googling “what does SIEM stand for” and I think you’ll see it’s “information” not “incident.” Gartner and all the vendors in the space define it that way
It's security information and Event Management
Amazing condensation and clear explanation. Thank you Jeff 🥇
So glad you liked it!
I love how you made this very easy to digest! Looking forward to the next video
Thanks so much for the great feedback! More to come!
I believe there are simple methods to solve most cybersecurity issues. 1. For ransomware/virus, just won't allow any unauthorized program to run. On the linux, just won't allow anyone including SU/sudo to add X attribute to any file. The only way to modify X is booting to safemode. This will prevent ransomware, old, new, from running. 2. For kackers, verify login device. If the authentication server and user device's clock are synched. We can generate the same token (based on the same clock) for verification. This is a passwordless auth method that does not need any addition hardware device. The hacker must steal the authorized device in order to break in. There is no password for the hacker to steal, guess. By implement these methods, we can greatly enhanced cybersecurity.
What do you mean exactly by “synched” ? Can you elaborate a little bit?
I never heard so much no sense coming from someone about security
1) systems fail. Even the security systems that are meant to protect against unauthorized access, so nothing will ever provide complete protection. 2) syncing clocks has problems too because they can also have drift over time. FIDO passkeys are a better solution for user authentication because they don’t require this. I have two videos on the channel about this
As 2. First, have you checked your cell phone's clock to see how accurate it is?
As using this method, the advantages are
1 it does not require any new hardware. For example, any computer system can implement this method (software update) to authenticate between them without any human intervention, additional hardware, or other system assistence
2 Nothing is parmanent. Unlike passkey, it may require your thumb, facial recognition, which doesn't change at all and can be compromised. This method uses sync clock and mathmatic array to generate a new token. The clock does not need to be the same as standard UTC and it can run faster or slower than the standard clock speed. The method array can have trillions entris that it is very hard to guess which entry will be used next time to generate a new token.
3 It is impossible to use historical data to guess the new token as both clock and methed are changing. The re-play method will not work.
4 Disgruntled empolyee (especially, from the provider) can't steal useful informatio and sell it on the dark website
As for 1. We can work to build a system that is safer.
It means the clocks are the same. Check your cellphone's clock. It is synchronized with the cell tower. If you are in Microsoft AD, your PC clock is synced with PDC. NTP protocol can be used to sync the clock.
Very well and concisely put. Thanks.
Thanks so much!
Thank you very much for this. It's really insightful.
Much love from Nigeria!
Much love back to Nigeria!
I’m new at this, thank you for explaining so clearly. I wish you taught a class..
Thanks so much! Actually I do teach at North Carolina State University, although my students may wish I didn’t 😂
Your zero trust concept ideas were most helpful. Transfer to UNC, you’ll like our teams too
Nice! I was just going over the NIST 2.0 . I love your breakdowns. Thank you
Thanks! There’s a lot of great work by NIST and I’m not able to cover all of it but I’m glad this helped
Great summary. Smooth and intriguing!
Thanks so much!
Brilliant demonstration, well done 👍
What you are presenting is actually the core CSF functions not the categories
Glad you liked it. Sorry for the misstatement. Hopefully, the important content is still conveyed
Thank you for another great video simplifying the seemingly complex world of cybersecurity! I find NIST framework approach simpler and more intuitive compared to the CISSP domains. Maybe you can make a video simplifying the the CISSP domains, and if we can somehow relate it with the NIST framework.
thank a Lot !! It was more usefull, you are excellent Teacher !! go ahead !!
Thanks so much for saying so!
Amazing explanation! Wonderfull videos.
Thanks so much for watching!
That was insightful. Thank you
Thanks for watching!
Thanks
Thank you for valuable content. Let me asking a question,
- Does NIST CSF generate an Accreditation for Organization that has been assessed with NIST CSF?
- Does there's certain certification require for individual/company that bring NIST CSF Assessment to Organization?
- Does NIST CSF framework could be combined with CMML to generate some insight of Organization Security Posture? if yes how it mapped to that Score/Level?
Thank you for your kind contribution to the community
I’m glad you liked it! No cert that I’m aware of for this. It’s more DEscriptive than PREscriptive.
Whatever topic you teach is easy to understand . Thank you
Thank you for saying so!
Very informative sir 👍
I’m glad you liked it!
saar
I'm not sure how rain works, I can burn rice. But this I'm in love with
Maybe if it rains enough while you are cooking outdoors, it will prevent your rice from burning! 😊
I love this!!!!
Thanks!
awsome
also for wifi
Excellent informative video, thanks! How does the NIST CSF compare to other NIST publications such as 800-171 or 800-53, and other frameworks such as ISO, HIPPA, PCI etc?
Great question! 800-53 is more detailed and prescriptive whereas CSF is more high level and suggestive. 800-171 is specifically for contractors and subcontractors of the federal government. ISO is more similar to 800-53 whereas HIPAA and PCI are industry specific regulations with detailed requirements and certifications. They are all trying to improve security but come from different sources and carry different weights in terms of specifics and enforcement
Thanks for the reply Jeff appreciate it. For the frameworks listed, is there one that if a company with a lot of different regulated data could adopt which would then map across all the requirements?
can you please bring in a network expert on your cybersec guides?
Thanks for the suggestion!
Do you have any cybersecurity architecture book in the market?
I did write a book called “What Hackers Don’t Want You to Know” but it’s 24 years old now and isn’t specific to architecture. I do have a 10-part architecture series here on the channel, though, that you might want to check out
any cybersecurity course you are teaching?
I’m teaching a class this semester at North Carolina State University that I call “Secure Thinking: Issues in Cybersecurity and Privacy”
Well if you would quit telling the "bad guys" all of your security issues maybe that would help.
Believe me, they already know. That’s why they are so successful. I’m just trying to level the playing field and take back some of the advantage