LinkedIn and 3rd parties use essential and non-essential cookies to provide, secure, analyze and improve our Services, and to show you relevant ads (including professional and job ads) on and off LinkedIn. Learn more in our Cookie Policy.

Select Accept to consent or Reject to decline non-essential cookies for this use. You can update your choices at any time in your settings.

Start free trial Sign in

From the course: ISC2 Information Systems Security Engineering Professional (ISSEP) Cert Prep

Unlock this course with a free trial

Join today to access over 24,700 courses taught by industry experts.

NIST cybersecurity framework

NIST cybersecurity framework

From the course: ISC2 Information Systems Security Engineering Professional (ISSEP) Cert Prep

Start my 1-month free trial Buy for my team

NIST cybersecurity framework

“

- [Brad] Welcome back to Cybrary's ISSEP course. I'm your instructor, Brad Rhodes. Let's jump into the NIST Cybersecurity Framework. So in this lesson, we're going to review the framework, we're going to talk about the category identifiers, and then we're going to do an example based on the framework. So the NIST Cybersecurity Framework is a favorite of mine. I have been using this for about 10 years now. I teach it to defenders, I teach it to organizations that don't have anything in place to begin with, and this is a great starting point. It's broken down into five areas: identify, protect, detect, respond, and recover. So in identify, that's our assets, right? We got to know what we got. And assets are systems, people, data, and those risks associated. In protect, that's where we're implementing our security controls. You remember the security controls we talked about in 853? Obviously there's multiple processes that an ISI can use to implement those, but that's where we look at…

Contents