4 New and Free Resources by NIST
Welcome to The GRC Lab, a weekly newsletter where I provide actionable advice to help you launch, grow and accelerate your career in Governance, Risk and Compliance.
Today at a Glance
New and free introductory courses by NIST
NIST CSF 2.0 crosswalk to NIST SP 800-53
I'm very excited to speak with Dan Lohrmann (Field CISO at Presidio), Norman Kromberg (CISO at NetSPI) and Girish Redekar (Co-Founder at Sprinto) on Evaluating Cybersecurity Readiness, in partnership with Sprinto.
We will share tactics for prioritization and discuss GRC, what it takes to develop an incident response plan, and how to create a culture of data security policy.
To join this FREE webinar, register here: https://app.livestorm.co
This week NIST has really exceeded my expectations.
Out of nowhere, they have launched a trio of self-guided, introductory online courses for three of their publications.
Free Introductory Courses by NIST
The courses released cover the following publications:
NIST SP 800-53: This course offers an in-depth look into SP 800-53, Security and Privacy Controls for Information Systems and Organizations. You will explore the control catalog and delve into each control family, helping you to establish a fundamental understanding of how controls are used to manage risks.
NIST SP 800-53A: Based on SP 800-53A, this course focuses on the methodologies for assessing the controls of NIST SP 800-53. It provides detailed insights into the structure of assessment procedures and the objectives of these assessments, empowering users with the knowledge to conduct thorough evaluations of security and privacy controls.
NIST SP 800-53B: Centered on SP 800-53B, this course educates users on security and privacy control baselines and offers guidance on how to tailor these controls to specific organizational needs.
Each course is designed to last between 45 and 60 minutes, is available free of charge, and does NOT require registration. This is a great opportunity, especially for beginners or people looking to transition into this field.
You can find the new courses here: https://csrc.nist.gov
Crosswalk NIST CSF 2.0 to SP 800-53
When NIST released version 2.0 of its popular Cybersecurity Framework (CSF) a couple of weeks ago, many people asked where to find a crosswalk to NIST SP 800-53. To my surprise, and that of many others, no crosswalk was available - until now.
Where to find it?
The crosswalk can be found in the Computer Security Resource Center.
Access: https://csrc.nist.gov/projects/cybersecurity-framework/
Open Filter
Select SP 800-53 Rev. 5.1.1
Categories and subcategories are now extended by the relevant security and privacy controls of NIST SP 800-53, which can be very helpful when determining an action plan to improve the cybersecurity posture of an organization.
Whenever you're ready, there are 3 ways I can help you:
ISO 27001 Lead Implementer Course: Join 8,500 students in mastering ISO/IEC 27001:2022. This comprehensive 8-hour course will teach you a proven 12-step methodology with ready-to-use templates, saving you and your organisation hundreds of hours.
ISO 27001 Starter Kit: Simplify your path to compliance with a customizable project plan, a set of reference processes and supporting resources.
BPMN 2.0 for Enterprise Architects: Learn how to model business processes with BPMN 2.0.