From the course: Cyber Crisis Management with NIST Cybersecurity Framework (CSF) 2.0


Understanding your cyber environment

- In order to prepare to handle a cyber crisis, we need to adequately govern our cyber risks. In the NIST Cybersecurity Framework, we're focused on the Organizational Context activity inside the Govern function. The category identifier is GV.OC. What we need to do here is clearly understand our circumstances: things like our mission, stakeholder expectations, dependencies, and legal, regulatory, and contractual requirements. We do this to make sure our cybersecurity risk management decisions are grounded in our reality and not someone else's reality, like the last place we worked, which was probably a different size and in a different industry. We're also going to refer to the Risk Management Strategy category, with the identifier GV.RM. This will reveal to us our organization's priorities, constraints, risk tolerance, and risk appetite, as well as how this information is established and communicated, and how it's all used to support our operational cyber risk decisions. Next, we'll…
