Making the Most of the NIST Cybersecurity Framework
Rsam's Vivek Shivananda on Using the Framework as a Guideline for ActionThe National Institute of Standards and Technology's Cybersecurity Framework (NIST CSF) is giving CISOs a foundation for communicating more clearly with the board about security issues, says Vivek Shivananda of Rsam.
See Also: Breaking Down Silos With a Holistic View of Security, Risk
"The word 'cybersecurity' is probably the best thing that happened to information security professionals. It gave us a seat at the table," he says. "Given that now we have a seat at the table, we need to answer two important questions to the board: One, how are we doing against the cybersecurity framework? And two, what executives want to know is: If there is a breach or an attack, are we ready to respond?"
In a video interview at Information Security Media Group's recent New York City Fraud and Breach Prevention Summit, Shivananda:
- Discusses using the framework at a guideline for action;
- Describes how the pending updated version of the framework offers guidance on vendor risk management;
- Tells how Rsam is helping organizations embrace the framework and improve breach preparedness.
Shivananda is co-founder and CEO at Rsam, a risk and compliance solutions provider. Prior to Rsam, Vivek was COO of eB Networks and held management and consulting positions at Cap Gemini. He is a frequent guest speaker at industry conferences.