2.3 Cybersecurity Resources

standard

A document approved through consensus by a recognized standardization body

NIST Risk Management Framework (RMF)

A guidance document designed to help organizations assess and manage risks to their information and systems.

NIST Cybersecurity Framework (CSF)

A measuring stick against which companies can compare their cybersecurity practices relative to the threats they face.

framework

A series of documented processes used to define policies and procedures for implementation and management of security controls in an enterprise environment

Cloud Controls Matrix

A specialized framework of cloud-specific security controls

Vulnerability feeds

Cybersecurity data feeds include that provide information on the latest vulnerabilities.

Requests for comments

Documents that are authored by technology bodies employing specialists, engineers, and scientists who are experts in those areas.

regulations

Standards typically developed by established professional organizations or government agencies using the expertise of seasoned security professionals