Professional Documents
Culture Documents
Order Code 82508782 Topic 4a.edited
Order Code 82508782 Topic 4a.edited
Order Code 82508782 Topic 4a.edited
Cyber Security
Student’s Name
University
Course
Professor
Date
CYBERSECURITY 2
Cyber Security
CSF) was established to offer guidance for organizations wishing to bolster their cybersecurity
defenses. Five steps are outlined to offer guidance. The first step is setting the organizations'
goals and including the tolerance levels and the accepted levels of risks. By setting the target
goals, an organization can create a detailed profile for the framework that covers the risk
management process and the needed tools to support it. The third step is to assess a specific
functional area or the organization in general. The current position is known through
vulnerability scanners and behavior analytics, which provide target scores. The NIST framework
creates a gap analysis that outlines the action plans that can be considered to improve the
organizational scores from the scores. The gap analysis needs to be discussed with relevant
stakeholders who influence the plan. Finally, the NIST framework directs that an implementation
action plan be introduced to include the defenses aligned with the organizational security goals.
A mechanism to build cybersecurity awareness is identifying the risks that provide the
most threats, then changing the organization's behavior in terms of realizing and dealing with
cases of insecurity. The organization can then schedule training activities for security personnel
as well as stakeholders in the organization. After training, it is crucial that testing be done to
highlight the effectiveness of the used training programs. Through testing, the frameworks can
be used continually, and if they are not effective, other frameworks can be used. The mechanism
then tracks the metrics of the health organization in terms of safety and performance.
Reference
CYBERSECURITY 3
https://www.nist.gov/cyberframework