Question


Explain what is to be done when cybersecurity framework controls (NIST SP 800-53) cannot be implemented.

Solutions

Expert Solution

The NIST standard is based on best practices from several security documents, organizations and publications. The NIST Cybersecurity Framework provides private sector organizations with a structure for assessing and improving their ability to prevent, detect and respond to cyber incidents. The framework uses business drivers to guide cybersecurity activities and considers cybersecurity as part of an organization's risk management processes, to help organizations manage their cybersecurity risk. There are five key distinct functions that provide a well-planned strategic view of an organization's cybersecurity risk management and how to comply with them in the most effective way: identify, protect, detect, respond, recover. Implementing the NIST Cybersecurity Framework can help your organization become more focused on protecting.

The SP 800-53 guidelines were created to increase the security of information systems used within the federal government.
The guidelines themselves apply to any component of an information system that stores or transmits federal information.

According to all the guidelines, if security is not there, then anyone can steal the organization's data.

The guidelines are revised in accordance with the evolving nature of information security and cover areas like mobile and cloud computing, insider hazards, application security, and supply chain security.

