Welcome to the
CyberIQs Knowledge Centre


Cyber Resilience frameworks


nextCISO
(@nextciso)
Active Member
Joined: 2 years ago
Posts: 6
Topic starter  

Hi, I am sorry if this is not the right room to ask this.

I need to develop a methodology to deliver cyber resilience assessments to my clients, but I am new to this kind of assessment.

Please, can someone explain what methodologies are available to deliver cyber resilience assessments and what sort of results are expected from this sort of assessment?


cyb3rg1rl
(@cyb3rg1rl)
Active Member
Joined: 2 years ago
Posts: 10
 

Hello nextCISO,

The methodology we follow in our organization is the following:

https://us-cert.cisa.gov/resources/assessments

It was created by CISA (Cybersecurity & Infrastructure Security Agency).

In the link above you can find an explanation of the methodology and loads of resources to get you started. This methodology aligns well with NIST CSF, thus the results of the assessment can be expressed according to one of the four Tiers present in the NIST framework.

https://us-cert.cisa.gov/sites/default/files/c3vp/csc-crr-nist-framework-crosswalk.pdf

I hope you find this useful!

 

 


Gulam_rab
(@gulam_rab)
New Member
Joined: 2 years ago
Posts: 4
 

Hello nextCISO, because we are located in Scotland, we followed the Cyber Resilience Framework published by the Scottish government, which is based on NIST CSF and also aligns with the ISO 27001 standard.

Please see the framework below:

https://www.gov.scot/publications/cyber-resilience-framework/

Annex A provides a Matrix mapping to different frameworks such as ISO 27001 and NIS.

I hope this is useful!

 

 


nextCISO
(@nextciso)
Active Member
Joined: 2 years ago
Posts: 6
Topic starter  

Thanks so much! These resources will get me started.

