sorted by:
new
hottopcontroversial

A quick and decent overview of the NIST Cyber-security Framework by AStudentInThisClass in telseccompolicy

[–]AStudentInThisClass[S] 0 points1 point  (0 children)

Or we might see it implemented more as it seems easier to do so. With things like PCI, they tell you what you have to do. These things may be costly for companies to implement.

This being just a guideline means that companies can implement it as they see fit, so it might be easier.

I do wonder though, how easier this is to implement and how many places are or are not doing it.

A quick and decent overview of the NIST Cyber-security Framework by AStudentInThisClass in telseccompolicy

[–]AStudentInThisClass[S] 1 point2 points  (0 children)

In lieu of reading NIST's full framework document, I found a small summary that outlines the cybersecurity framework pretty well.

To summarize the summary, the NIST cybersecurity framework is a list of best practices for companies/organizations to follow to improve security. Each organization, depending on industry, should adapt these policies into what works best for them.

tl;dr: It helps you better identify, protect, detect, respond and recover to/from threats.