Keep the NIST Risk Management Framework Simple
Larry Watlington
56:12
Description
Risk Management Framework for Beginners
What You'll Learn?
- Learn NOT to take the NIST Risk Management Framework too seriously!
- Understand Risk Management from a very practical perspective
- Recognize that we apply RMF to many things in our daily life (like changing a Door Lock)
- Gain a basics understanding of the 6 RMF Steps
- Apply the Risk Based approach to a very practical, non-technical Scenario
- Keep Cybersecurity and RMF Simple and Fun!
Who is this for?
What You Need to Know?
More details
DescriptionThis scenario is a simple example of me purchasing a new computer for my parents to demonstrate the practical application and simplicity of the Risk Management Framework (RMF). The aim is to explain RMF in a non-technical manner.
Whether we are planning the security for a network that supports a multi-million dollar corporation or deciding how to secure the new home we just purchased, the fundamental security concepts and principles are very similar. Even though our home example is typically not as structured (unless you are really meticulous) as a business model, the fundamental approach to security has not changed since the first caveman discovered the value of a wooden club and another caveman wanted it!
Throughout the scenario, we will cover the concepts of Risk Management as well as each of the six RMF Steps:
Categorize the risks associated with the information and the system.
Select the appropriate security controls to mitigate risks to an acceptable level.
Implement the selected controls.
Assess the implemented controls.
Authorize the system for use.
Continuously monitor the controls to ensure they effectively mitigate risks.
So, forget anything you may have already learned about RMF, NIST 800-53, and most of the other technical jargon, and join me in this adventure of buying a new computer for my parents!
Who this course is for:
- This course is designed for anyone who have been totally confused (or bored) with trying to understand RMF
This scenario is a simple example of me purchasing a new computer for my parents to demonstrate the practical application and simplicity of the Risk Management Framework (RMF). The aim is to explain RMF in a non-technical manner.
Whether we are planning the security for a network that supports a multi-million dollar corporation or deciding how to secure the new home we just purchased, the fundamental security concepts and principles are very similar. Even though our home example is typically not as structured (unless you are really meticulous) as a business model, the fundamental approach to security has not changed since the first caveman discovered the value of a wooden club and another caveman wanted it!
Throughout the scenario, we will cover the concepts of Risk Management as well as each of the six RMF Steps:
Categorize the risks associated with the information and the system.
Select the appropriate security controls to mitigate risks to an acceptable level.
Implement the selected controls.
Assess the implemented controls.
Authorize the system for use.
Continuously monitor the controls to ensure they effectively mitigate risks.
So, forget anything you may have already learned about RMF, NIST 800-53, and most of the other technical jargon, and join me in this adventure of buying a new computer for my parents!
Who this course is for:
- This course is designed for anyone who have been totally confused (or bored) with trying to understand RMF
User Reviews
Rating
Larry Watlington
Instructor's Courses
Udemy
View courses Udemy- language english
- Training sessions 11
- duration 56:12
- Release Date 2025/01/24
