Karen Stanford’s Post

You don't know what to do at the weekend? 😎 The NIST SP800-82r3 is a superb guide to a holistic OT-Security approach. The revised version was published in September 2023 and contains a lot of perspectives about OT in general and OT-Security in detail. https://lnkd.in/eq637aUk

Trying to get started with NIST SP 800-171? With so many regulations now requiring this standard, I wanted to create a quick overview to level set and walk through the basics. In the video I address the most common questions I hear and walk through its purpose. Whether you're new to SP 800-171 or need a refresher, this video will help you get your arms around it and figure out where to start! Check it out here! 👇 https://lnkd.in/ecZGF2vj #SP800171 #SecureTheDIB

reading and understanding NIST SP 800 63. So many questions I've had for years answered.

The NIST CSF 2.0 release is finally here. As expected, CSF 2.0 adds a 6th core function: "govern." 20+ years ago we only had Protect, Detect, and Respond. Those sure were the good old days. "Have IDS, will travel." Now you have to plan, test, validate, discover, be proactive, deal with unknown unknowns... Pfft, and they call it progress. Read more: https://lnkd.in/gKW8kH5s CSF intro for the uninitiated: https://lnkd.in/g92gYcQa Or just dive right in - full CSF 2.0: https://lnkd.in/gVuuhESp

Don't miss @Patrick's valuable thoughts on the latest NIST CSF 2.0 update in a special interview with @Nextgov. Discover how the framework prioritizes accessibility for all. See more: https://okt.to/USmuqA #NISTFramework

Didn't make it to our webinar last week? Watch the recording now to catch up on critical updates to NIST SP 800-171r3 and strategies for compliance success in 2024! ⬇️ https://lnkd.in/eRJPJKVr

Whenever you're having a hard time understanding a control requirement, it helps to look up supplemental guidance. This information can be found under each control in the NIST 800-53 pdf document or online on STIG Viewer. You can review guidance information on STIG Viewer: https://lnkd.in/eEyshRHz or NIST Website: https://lnkd.in/esHtZhcX Please review the guidance for CP-2 for an understanding of what a Contingency Plan (CP) is.

The NIST CSF 2.0 is finally here! It's the first update since its initial publication in 2014. Get all the inside info on scope, objectives and the new content here 👉 https://lnkd.in/eweuBu6N OneTrust DataGuidance

Polish up on your NIST 800-61 knowledge. DM me the answers or tag someone your working with on your IT journeys so they can DM you what the following means. Incident Response Lifecycle P = ? D&A = ? CE&R = ? P-I A = ?

NIST News: Analysis of SP 800-171 Rev3 Public Comments SP 800-171, Revision 3 (Final Public Draft) and SP 800-171A, Revision 3 (Initial Public Draft) have both been analyzed and the summary of analysis can be found at the NIST link below. Significant changes to 800-171 Rev 3 include: • Elimination of the NFO control tailoring category • Introduction of a new tailoring category for controls that are addressed by other related controls (ORC) • Reduction of the number of organiza;on-defined parameters (ODPs) achieved by removing ODPs that did not significantly impact the security requirement • Clarification of responsibility for assigning ODP values • Consolidation of security requirements for better consistency with SP 800-53 • Refinement of discussion sec;ons for beVer understanding and usability • Addition of leading zeros to security requirements to support automated tool usage REMINDER: CMMC 2.0 utilizes NIST 800-171 Rev 2. It is good to keep the Rev 3 update in mind but don’t prioritize as a OSC.