New ISACA Resources Offer Step-by-Step Guidance for NIST Cybersecurity Framework Implementation Using COBIT 2019

It's Time to Change Your Perception of the Cybersecurity Professional

December 27, 2019

New ISACA resources offer step-by-step guidance for the U.S. National Institute of Standards and Technology's (NIST) Framework for Improving Critical Infrastructure Cybersecurity (CSF).

With the framework, enterprises can better manage their information and technology (I&T) risk by integrating cybersecurity standards and enterprise governance, says ISACA. They can gain greater understanding of the steps and activities involved with the CSF while also aligning them with measurable governance and management practices in COBIT 2019 through the newly released book, Implementing the NIST Cybersecurity Framework Using COBIT 2019 and white paper, Governance Playbook: Integrating Frameworks to Tackle Cybersecurity.

Implementing the NIST Cybersecurity Framework Using COBIT 2019 outlines how specific CSF steps and activities map to COBIT 2019, an information and technology (I&T) governance and management framework, and illuminate how this framework can help enterprises better protect critical infrastructure. In addition to introducing NIST CSF and framework implementation coordination, the book demonstrates how COBIT 2019 goals cascade to the CSF, details each phase involved and walks through recommendations for communicating cybersecurity requirements with stakeholders. Also included are a detailed template for framework profile, action planning guide and insights into critical infrastructure sectors.

Supplementing this book, the Governance Playbook: Integrating Frameworks to Tackle Cybersecurity white paper offers an easily digestible overview of these steps that can be taken to implement the NIST cybersecurity framework using COBIT 2019.

“Implementing the NIST CSF is an important step for enterprises in strengthening their cybersecurity posture. By leveraging COBIT 2019, they can reap the benefits of more effective I&T prioritization and greater transparency and communication around I&T risk,” says Greg Witte, CISM, an expert reviewer for the book. “ISACA’s resources offer clear guidance and action plans for structuring an implementation approach and ultimately improving risk management.”

You must login or register in order to post a comment.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Security Magazine

2020 December

This month, Security magazine brings you the 2020 Guarding Report - a look at the ebbs and flows security officers and guarding companies have weathered in 2020, including protests, riots, the election, a pandemic and much more. Industry experts discuss access management and security challenges during COVID-19, GSOC complacency, the cybersecurity gap, end-of-year security career reflections and more!

View More Create Account

New ISACA Resources Offer Step-by-Step Guidance for NIST Cybersecurity Framework Implementation Using COBIT 2019

Related Articles

Related Products

Report Abusive Comment