NIST 800-171 Rev.3 - 3.2.2 Training personnel (MCR 7/14/23)

“What the government's concern here is, do the people that work for you, subcontractor or contractor, do they understand their security duties based on their job function?” --- Matt Fisch of FortMesa.

“It's key to us to identify what the role is of the person in the organization, and how that role aligns with other duties within the organization that fall under that compliance framework. When I say that, I mean there's all this compliance stuff. It's always so tightly interwoven, and everything is so reliant upon one another, that each one of those elements has an effect on whose role actually falls within a security-related duty and responsibility … You have to take each role and you start to identify what the responsibilities are for those people in their role and where that responsibility lies in terms of the overall organization. I'm a big fan of mind mapping, so if you use a mind map and you take it from that perspective, take the role, break out all the different responsibilities of that role, take another role in the organization, and see where those two things intersect. You can actually use that to help develop your policies and your procedures so you have consistency amongst the organization, and then you can figure out based on that in the framework, where does it actually fit…” --- James Markley from Virtumarc.

The full MSP Cyber Roundtable livestream is here:

For more clips like this, check out this playlist -

#cybersecurity #msp #compliance
