- Видео 66
- Просмотров 119 018
Optic Cyber
США
Добавлен 26 апр 2020
Securing your business, keeping you in control.
We understand that cybersecurity should be a business enabler, not a roadblock. At Optic Cyber Solutions, we apply cybersecurity as a lens on top of business priorities to help organizations manage risks and protect their critical information and resources.
We understand that cybersecurity should be a business enabler, not a roadblock. At Optic Cyber Solutions, we apply cybersecurity as a lens on top of business priorities to help organizations manage risks and protect their critical information and resources.
What Changed? - NIST SP 800-171 Rev2 to Rev3
The final update to NIST SP 800 171 Rev 3 is here! Check out this video to learn about what changed and where to dig in!
Presented by Tom Conkle, CISSP (@TomConkle)
Optic Cyber Solutions strives to help organizations identify and address their blind spots through our assessment, implementation, and advising services. Reach out at Info@OpticCyber.com if you have questions regarding the Rev 3 changes or to learn how Optic can help you stay ahead of the curve!
Optic Cyber Solutions:
www.opticcyber.com/
Optic Cyber Solutions Resources:
SP 800-171r3 Profile Template -
43828014.hs-sites.com/171r3-profile-download
NIST Resources:
SP 800-171r3 - nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-...
Presented by Tom Conkle, CISSP (@TomConkle)
Optic Cyber Solutions strives to help organizations identify and address their blind spots through our assessment, implementation, and advising services. Reach out at Info@OpticCyber.com if you have questions regarding the Rev 3 changes or to learn how Optic can help you stay ahead of the curve!
Optic Cyber Solutions:
www.opticcyber.com/
Optic Cyber Solutions Resources:
SP 800-171r3 Profile Template -
43828014.hs-sites.com/171r3-profile-download
NIST Resources:
SP 800-171r3 - nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-...
Просмотров: 226
Видео
Profiles - NIST Cybersecurity Framework 2.0
Просмотров 593Месяц назад
Trying to figure out how to use the CSF Profiles? Check out this video to learn more about what Profiles are, the different types, and how to get started! Presented by Kelly Hood, CISSP (@KellyHood_) Optic Cyber Solutions strives to secure your business, keeping you in control through our assessment, implementation, and advising services. For more information about Optic Cyber Solutions and how...
Do I Measure Up? - NIST Cybersecurity Framework 2.0
Просмотров 1,1 тыс.2 месяца назад
Discover what the release of the NIST Cybersecurity Framework (CSF) 2.0 means for you and what to do now! Align your capabilities to the updated Framework, identify gaps in your current strategy, and create a roadmap to build confidence in your cybersecurity. Presented by Kelly Hood, CISSP (@KellyHood_) Optic Cyber Solutions strives to secure your business, keeping you in control through our as...
Overview - NIST Cybersecurity Framework 2.0
Просмотров 3,5 тыс.2 месяца назад
Keep hearing about the NIST Cybersecurity Framework 2.0, but not sure what it is or why you'd use it? Check out this video to get an introduction to the CSF and learn about its 3 primary components: the Core, the Tiers, and the Profiles. Presented by Kelly Hood, CISSP (@KellyHood_) Optic Cyber Solutions strives to secure your business, keeping you in control through our assessment, implementati...
What Changed? - NIST Cybersecurity Framework 2.0
Просмотров 16 тыс.3 месяца назад
The final update to the NIST Cybersecurity Framework 2.0 is here! Check out this video to learn about what changed and where to dig in! Presented by Kelly Hood, CISSP (@KellyHood_) Optic Cyber Solutions strives to help organizations identify and address their blind spots through our assessment, implementation, and advising services. For more information about Optic Cyber Solutions and how we ca...
FISMA Overview
Просмотров 7744 месяца назад
Confused about the Federal Information Security Modernization Act (FISMA) & its relevance to you? Discover the essentials in our latest video. Learn why FISMA is crucial for safeguarding government data operated by both federal agencies & commercial companies. Got questions? Contact us at Info@OpticCyber.com. Find out how Optic can assist you in meeting your FISMA requirements and implementing ...
CMMC v2.0 Proposed Rule - Public Comment (Dec 2023)
Просмотров 2165 месяцев назад
The CMMC v2.0 Proposed Rule has been released for public comment. Check out this video for an overview of what changed (and what didn't)! Presented by Tom Conkle, CISSP (@TomConkle) Reach out at Info@OpticCyber.com if you have any questions regarding the requirements! Check out our services at www.opticcyber.com/services/cmmc-services Optic Cyber Solutions Resources Resources Home Page: www.opt...
Current Cybersecurity Requirements for the DIB
Просмотров 1155 месяцев назад
Keep hearing everyone talking about CMMC and NIST SP 800-171, but not sure what's actually required today? Check out this video to learn about the cybersecurity requirements that are already in place today for DoD contractors! Reach out at Info@OpticCyber.com if you have any questions regarding the requirements! Check out our services at www.opticcyber.com/services/cmmc-services Presented by Ke...
NIST 800 171 Rev3 - FPD Overview
Просмотров 2266 месяцев назад
Trying to figure out what NIST is proposing to change in SP 800-171 Rev3? Check out this video to get an overview of what's being added, what's being withdrawn, and what other resources NIST provided to help us figure it out! Reach out at Info@OpticCyber.com if you have questions regarding the Rev 3 changes or to learn how Optic can help you stay ahead of the curve and prepare CMMC. Presented b...
NIST SP 800-53 - Patch Process Overview
Просмотров 2356 месяцев назад
Hearing about "patches" to NIST SP 800-53 and not sure what that means? Check out this 5 minute overview with #OpticCyber's Mike Green to learn what it is and how to provide feedback! Reach out for more information at Info@OpticCyber.com or check out our website www.OpticCyber.com Presented by Mike Green, CISSP Optic Cyber Solutions Resources: Resource Home Page: www.opticcyber.com/resources.ht...
System & File Scanning (SI.L1-3.14.5)
Просмотров 708 месяцев назад
Be sure to check out the LAST video our series on CMMC ML1 Practices and learn from Tom Conkle and Paul Thompson about the System & File Scanning Practice (CMMC SI.L1-3.14.5 / NIST SP 800-171 r2 3.14.5) 👇 “Perform periodic scans of organizational systems and real-time scans of files from external sources as files are downloaded, opened, or executed.” Optic Cyber's engineers have assisted organi...
Update Malicious Code Protection (SI.L1-3.14.4)
Просмотров 688 месяцев назад
Don’t forget that you have to actually update your protections after they’ve been implemented. We all know that technology is constantly changing, so we have to update our protections to keep up! Today in our series on the CMMC ML1 Practices, Tom Conkle is talking to Kelly Hood about the Update Malicious Code Protection Practice (CMMC SI.L1-3.14.4 / NIST SP 800-171 r2 - 3.14.4). 👇 “Update malic...
Secure Your Business - Build a Cybersecurity Program that Works for You
Просмотров 548 месяцев назад
Learn how to protect your business from cyber threats by creating a customized cybersecurity plan at our in-person workshop! Join us for an exciting in-person event where we’ll leverage Optic’s Workbook of Cyber Blueprints to tailor a cybersecurity program organized around the NIST Cybersecurity Framework. This workshop is designed to help you build a cybersecurity program that works for you. W...
Malicious Code Protection (SI.L1-3.14.2)
Просмотров 718 месяцев назад
Did you know that Optic Cyber Solutions is an authorized CMMC Registered Practitioner Organization (RPO)? As an RPO, Optic helps companies secure their information systems and prepare for CMMC certification assessments! While you’re here, check out our latest video from our series on the ML1 Practices to learn from Tom Conkle and Paul Thompson about the Malicious Code Protection Practice (CMMC ...
Flaw Remediation (SI.L1-3.14.1)
Просмотров 1038 месяцев назад
This week in our CMMC ML1 webinar series, Tom Conkle & Mike Green are talking about best practices for Flaw Remediation (CMMC SI.L1-3.14.1 / NIST SP 800-171 3.14.1) 👇 “Identify, report, and correct information and information system flaws in a timely manner.” Our takeaway - find flaws quickly and address them swiftly. OpticCyber's engineers are experienced with many security compliance framewor...
Public-Access System Separation (SC.L1-3.13.5)
Просмотров 879 месяцев назад
Public-Access System Separation (SC.L1-3.13.5)
Manage Physical Access (PE.L1-3.10.5)
Просмотров 659 месяцев назад
Manage Physical Access (PE.L1-3.10.5)
Full Draft - NIST Cybersecurity Framework 2.0
Просмотров 7 тыс.9 месяцев назад
Full Draft - NIST Cybersecurity Framework 2.0
Limit Physical Access (PE.L1-3.10.1)
Просмотров 7310 месяцев назад
Limit Physical Access (PE.L1-3.10.1)
Control Public Information (AC.L1-3.1.22)
Просмотров 9211 месяцев назад
Control Public Information (AC.L1-3.1.22)
External Connections (CMMC AC.L1-3.1.20)
Просмотров 20611 месяцев назад
External Connections (CMMC AC.L1-3.1.20)
Transaction & Function Control (CMMC AC.L1-3.1.2)
Просмотров 15711 месяцев назад
Transaction & Function Control (CMMC AC.L1-3.1.2)
Authorized Access Control (CMMC AC.L1-3.1.1)
Просмотров 28811 месяцев назад
Authorized Access Control (CMMC AC.L1-3.1.1)
Thanks for the breakdown. The MaPT can't be downloaded. It redirects to Hubspot, requiring the administrator's login. I would to see that template.
Hello, I apologize for the issues! Please try this link: 43828014.hs-sites.com/nist-cybersecurity-framework-2.0-do-i-measure-up It will take you to Hubspot, but should not require any sort of administrator's login.
How can I get your slides on this?
Please email Info@OpticCyber.com requesting the slides and I'll get them right over!
Presented in a really nice way. Great job
Thanks Kelly
My go to for NIST CSF knowledge in plain language. Since you asked in your video about potential future topics : - )..curious if you were familiar with the NIST CSF Financial Services Sector profile ("CRI Profile")?
Thanks! That's a great idea - I have some familiarity with the CRI Profile but haven't gotten to dig into the 2.0 update yet. I'll have to add that to my list!
thank you for providing a great 'bridge' between v1.1 -> v2.0 - very helpful
Great content
Great Content , Thanks for the details. Could you please recommend from where to do NIST certification? Thanks
While NIST doesn't provide "certification" criteria for the CSF, there are companies that provide training for individual certifications as well as others that conduct CSF program assessments. Optic Cyber Solutions would be happy to conduct a CSF assessment of your cybersecurity program - please reach to Info@OpticCyber.com for more information!
What type of appliance is commonly used for NIST cybersecurity?
There are many Governance, Risk, and Compliance (GRC) tools that track cybersecurity governance against the CSF to help ensure you have appropriate coverage for the CSF. Additionally, they provide processes for helping align business risk to the CSF enabling you to ‘right-size’ your capabilities to properly manage risk. Additionally, CSF Profiles are a great way tool to help implement the CSF.
Thank you for the awesome content Kelly Hood
Do you have any openings for cyber security professional out there ?
Thank you Kelly!
What are the subcategories from the Framework that can be incorporated into vulnerability management process?
Looking from a preventative point of view, a few of the Subcategories that we typically consider when developing vulnerability management programs include: GV.PO-02 to establish the policy and plan, ID.RA-01 to identify vulnerabilities, ID.RA-05 to priorities them for remediation, ID-RA-06 to manage them, ID.IM-04 to plan for addressing exploited vulnerabilities, and PR.PS-02 to enable routine patching.
Thank you 🙏🏻
Thank you!
Excellent explanation, thanks for sharing
Very well explained… looking forward for more videos in future
Is NIST CSF v1.1 retired now?
The Cybersecurity Framework v1.1 has been archived on NIST's website now that v2.0 has been released. NIST is recommending that companies use v2.0 moving forward; however, since the CSF isn't a compliance standard v1.1 can still be used if desired.
Thanks for taking the time to break this down and provide details of changes
Wonderful video congrats
Thank you Kelly for this helpful summary on NIST CSF 2.0!
Many thanks for you sharing 😀
Love the videos. They have all been very helpful and no nonsense, just straight to the point and informative! Thank you!
This Video explains the Changes to the Framework. 13:20 is basically all you need to know
Thanks for the great and significant explanation on the frameworks differences.
Thanks Kelly, can you share slide ?
Yes, no problem. If you can send an email to Info@OpticCyber.com, we'll send the slides over!
Hey, Quick question. If we have NIST CSF implemented in the organization then do we need to implement Govern as well or its not mandatory and needed?
The CSF is intended to be flexible for companies to implement in a way that works best for them. Therefore, you could choose to tailor the new Govern Function out; however, this area was expanded to emphasize the need for having a cybersecurity strategy to help manage cybersecurity risk and drive cyber resilience.
Great and concise explanation Kelly. Congrats and thanks for sharing!
Are there subcategories that carry overt from 1.0? For example, in every list they've published, under Identify's Risk assessment it goes ID.RA-01, 02, 03, 04, and 05 then skips to ID.RA-07. Does this mean that the ID.RA-06 remains unchanged?
They haven't published a detailed mapping of how the Subcategories were moved around, but if you check out the Discussion Draft released last April, it will give you a starting point since it does include that level of detail (www.nist.gov/system/files/documents/2023/04/24/NIST%20Cybersecurity%20Framework%202.0%20Core%20Discussion%20Draft%204-2023%20final.pdf). In the example you provided, ID.RA-06 is still included in the updated CSF 2.0, but has had some wording changes to expand it's outcome.
thank you for the response, also my mistake in my example I meant to use ID.AM, ID.AM jumps from -05 to -07@@OpticCyber
that doc is exactly what I needed, much appreciated!@@OpticCyber
@@herpderp1238Glad to help! In the case of ID.AM-06, it was removed and the concepts are now included under the new GV.RR.
glad this video popped up in my algo. I am taking the CISSP in two weeks. very helpful.
❤
great review Kelly
Thanks for the "cut to the chase" approach. Very good!
Great job!
This is a great overview. Thanks for sharing
such a useful overview, thank you!
Awesome video!
Thanks Kelly! Great overview
Thank you for the update. I am currently trying to understand this better as I would like to get into a GRC position.
Really great job! Thank you.
This was very helpful thank you.
Enjoyed your webinar on CMMC, it was well laid out. Is the presentation deck available to the public?
If you email Info@OpticCyber.com with your request, we'd be happy to send you the deck!
Hello madam,I'm from srilanka in srilanka my life alone life with sounds in my ears both face no ears unknown human body machines user in srilanka follow me to put sounds in my ears in srilanka famous people enter my family life and put sounds in my ears in my room president ranil wikrmasinha?Singer amal perera?Singer justin Beiber ?Singer thushara sadakalum?Singer romesh sugathapala?only mind brain use find my ears and body daily find no action actress teena shanell,singer hector dias,singer Ashan fernando,actress sandani fernando,singer samitha mudunkotuwa, singer piyal perera Himasha hasanthika 1999.02.16
The links on your website are not working
Thanks for reaching out. Can you let me know what link you are looking for and I will send directly!
Great content - you should have more subscribers - thanks for this update 🙂
thanks
Really informative and helpful. Really well explained, the visuals are great.
A great high level overview. Thanks for the video Kelly!
Excellent approch
Sound not clear