Cybersecurity Risk Management: A NIST Cybersecurity Framework Reference
I am a born problem solver. I am fond of mending things, addressing network glitches and other systems’ faults, as well as defending them against intruders. Policies? Standards? My worst nightmare! They seem like obstacles on the way to real work which excites me into action.
My decade-plus in this business still proves that it’s not all about being smart; it’s all about having a well-oiled machine. Machines, just like any others, do need clear policies.
It doesn’t make sense, does it? With hundreds of servers in a data center, how can we ensure they have been patched, hardened and are compliant with the best security practices? You cannot go at it alone. You need some form of structure upon which everything else will be built.
And that’s where Cynthia Brumfield and Brian Haugli’s Cybersecurity Risk Management comes in. For data center professionals dealing with the complexities of security frameworks, this book is an eye-opener.
The book draws heavily on the NIST Cybersecurity Framework, a framework accepted industry-wide, and concisely simplifies its key points.
What makes it a must-read for data center security professionals:
- Practical Guidance: Brumfield and Haugli don’t use the dry academic language you’ll find in other policy books; instead, they provide practical examples and instructions on how to implement the NIST Cybersecurity Framework within your data center.
- Depth and Breadth: The book covers the entire framework, from identifying and assessing risks to implementing security controls and managing vulnerabilities.
- Cross-Framework Integration: It also shows the relationships between NIST and other popular security frameworks such as COBIT, ISO 27001 or ISA 62443, making the transition to NIST smoother under your current security program.
- Expert Insights: Both authors have extensive experience with the NIST Cybersecurity Framework, giving them a unique perspective that will enable you to achieve genuine excellence when it comes to securing your digital assets.
This is not just a book for beginners in security; it’s a gold mine for seasoned professionals in the field who want to enhance their skills and remain ahead. I have been reading Brumfield’s works for some years, and her simple, straightforward way of writing helps even with complex security concepts.
When you no longer want to swim through thick policy documents, Cybersecurity Risk Management will be your new reference point. As an ex-hacker myself, I sometimes cannot resist well-drafted policy books that show how my work can be better.