In 2014, the NIST Cybersecurity Framework (CSF) took the world by storm, aiming to help organizations to improve their ability to prevent, detect and respond to cyber attacks.  It has been translated to many languages and is used by the governments of the United States, Japan, Israel, among many others.  The Trends in Security Framework Adoption Survey, conducted in 2016, reported that 70% of the 300 surveyed organizations view NIST's framework as a security best practice, but, that same survey also found that 50% of

On March 29, 2019, Alex Polimeni and I presented at the BSides Austin conference on some of the work we've done for National Instruments with respect to using the NIST Cybersecurity Framework (CSF) as the foundation for an assessment of the organization's cybersecurity maturity.  For those who aren't familiar with the NIST CSF, it splits cybersecurity best practice activities up into five functions: Identify, Protect, Detect, Respond, and Recover.  Then, each of those functions are split into several categories.  For example, the Identify function is split into the categories of Asset Manag

Subscribe to framework