-
Boost your organization's security posture with a security framework. Learn about the top four security frameworks, how they compare, and how you can create a core security set.
Security frameworks are designed to help organizations boost their security posture. Such frameworks provide security practitionersâand their business partnersâwith a common set of practices to follow, as well as a baseline that makes it easier to report on improvements. In this course, join Mandy Huth as she covers the top four frameworks available, goes over how the frameworks compare, and shares how you can actually map your security controls across multiple frameworks. Mandy also shows how to determine your core security set, stepping through how to define what you'll do and how you'll measure it, and then prove that you did what you sought out to do. Throughout the course, she shares best practices that can help you start leveraging a security framework in your own company.
Overview
Syllabus
-
Introduction
- Picking the right security framework
- Who uses security frameworks?
- Why are security frameworks important?
- Definitions
- Overview of the major frameworks
- Other frameworks to consider
- Cybersecurity regulations
- Risk assessment and the SIG
- PCI and credit card payments
- CIS critical security controls
- NIST 800-53: Guidance for US companies
- ISO 27001: A global approach with certification
- How the frameworks compare
- Mapping process controls
- Mapping technical controls
- Deciding on a framework
- The control families
- The measures
- The assurances
- Augmenting frameworks with GRCs
- Developing a security mindset
- Next steps
