Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Unveiling the NIST Risk Management Framework (RMF)

You're reading from   Unveiling the NIST Risk Management Framework (RMF) A practical guide to implementing RMF and managing risks in your organization

Arrow left icon
Product type Paperback
Published in Apr 2024
Publisher Packt
ISBN-13 9781835089842
Length 240 pages
Edition 1st Edition
Arrow right icon
Author (1):
Arrow left icon
Mr. Thomas Marsland Mr. Thomas Marsland
Author Profile Icon Mr. Thomas Marsland
Mr. Thomas Marsland
Arrow right icon
View More author details
Toc

Table of Contents (17) Chapters Close

Preface 1. Part 1: Introduction to the NIST Risk Management Framework FREE CHAPTER
2. Chapter 1: Understanding Cybersecurity and Risk Management 3. Chapter 2: NIST Risk Management Framework Overview 4. Chapter 3: Benefits of Implementing the NIST Risk Management Framework 5. Part 2: Implementing the NIST RMF in Your Organization
6. Chapter 4: Preparing for RMF Implementation 7. Chapter 5: The NIST RMF Life Cycle 8. Chapter 6: Security Controls and Documentation 9. Chapter 7: Assessment and Authorization 10. Part 3: Advanced Topics and Best Practices
11. Chapter 8: Continuous Monitoring and Incident Response 12. Chapter 9: Cloud Security and the NIST RMF 13. Chapter 10: NIST RMF Case Studies and Future Trends 14. Chapter 11: A Look Ahead 15. Index 16. Other Books You May Enjoy

What this book covers

Chapter 1, Understanding Cybersecurity and Risk Management

What good is building a house without a foundation? In this case, our foundation is cybersecurity and risk management. This chapter will kick things off, getting us on the right foot so we can move forward on the same level together.

Chapter 2, NIST Risk Management Framework Overview

NIST is a cool organization – no, really! They are! Before we dive into the framework, let’s talk about where it came from. The main topics we touch on here are the history of the NIST RMF, the stages and crucial components, and finally, the roles and responsibilities of the team that will utilize it in your organization.

Chapter 3, Benefits of Implementing the NIST Risk Management Framework

It’s useless to do something and truly own it if you don’t even know why you’re doing it, right? This chapter aims to solve just that. Covering the advantages of adopting the NIST RMF, some regulatory considerations, as well as the whole purpose for doing this in the first place (risk reduction!), we’ll start to dive into this topic together and have some fun.

Chapter 4, Preparing for RMF Implementation

How can you do something if you don’t prepare first? One might call that “winging it,” and in the context of risk management, it’s not something I really recommend. This chapter will discuss how to put your team together, set goals, create a strategy, and start implementing the framework.

Chapter 5, The NIST RMF Life Cycle

Here, we take an in-depth look at the stages of the framework – Prepare, Categorize, Select, Implement, Assess, Authorize, and Monitor. You, the reader, will understand how the RMF is laid out and the importance of each step, with clear breakdowns.

Chapter 6, Security Controls and Documentation

This chapter gets into the so-called meat and potatoes of every governance, risk and compliance (GRC) person’s life – the controls themselves, and just as important, the documentation of those controls. This chapter discusses the importance of controls, not just for security’s sake but also from the perspective of business enablement. We will also discuss documentation and automation as keys to truly making your life easier.

Chapter 7, Assessment and Authorization

Moving on, we set out to equip you with the skills to conduct a security assessment (or even more than one), navigate the assessment and authorization process, and prep for the inevitable audits. Fear not the auditor – they’re here to help (we hope).

Chapter 8, Continuous Monitoring and Incident Response

Despite all of the controls in the world you may have implemented, the human factor will still play a role. Eventually, you may find yourself conducting incident response. But how can you do that without a solid plan? In this chapter, we’ll discuss how to develop an incident response plan and how to use it. We’ll also touch on verifying your controls with continuous monitoring.

Chapter 9, Cloud Security and the NIST RMF

We’d be remiss if we didn’t talk about the revolution that has been the cloud and the unique ways that risk can rear its head here. We’ll discuss how we might adapt the NIST RMF for cloud environments and some challenges (and solutions), and even have a brief chat about compliance.

Chapter 10, NIST RMF Case Studies and Future Trends

What good is learning about a framework unless you can also learn from others’ experiences? Sometimes the best way to do something is to follow in the footsteps of those who’ve come before you. In this chapter, we’ll do just that.

Chapter 11, A Look Ahead

As we draw to a close, we’ll reflect on the journey we’ve taken, discussing lifelong learning and the role of all of us as cybersecurity leaders in excellence.

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image