Building a NIST-Compliant Cybersecurity Program

Tuesday, July 30th

Salon DEF

About the Session

Five years after its initial release, the NIST Cybersecurity Framework is still a gold-standard process for a prioritized, flexible, repeatable, performance-based and cost-effective approach to managing cybersecurity risk at all levels in an organization. The framework is applicable to organizations of all sizes and sectors. This presentation will address using the NIST Cybersecurity Framework for building a cybersecurity program (engineering, technology and business) that addresses today’s cybersecurity landscape and cyber risks, providing attendees with assessments, executive scorecards and a road map to remediate control gaps.

In this session, attendees will learn how to:

  • Describe the three main components of the NIST Cybersecurity Framework: the Core Functions, the Implementation Tiers, and the Current and Target Profiles
  • Explore how implementing the NIST Cybersecurity Framework protects critical IT resources and information assets before an attack, during an attack and after an attack
  • Investigate how organizations use the NIST Cybersecurity Framework for communicating expectations and deliverables within an organization, with external service providers and with regulatory agencies

Presented By

Larry Wilson
University of Massachusetts President's Office