EP 114 - NIST CSF Versus The Top 18
About this episode
\n\nIn this episode, Kip Boyle and Jason Dion discuss the importance of cybersecurity in the current digital landscape and focus on comparing two different standards: The NIST Cybersecurity Framework and the CIS Top 18.
\n\nThe NIST Framework was created to assist organizations in becoming cyber resilient and offers an adaptable and comprehensive approach to cyber risks. The CIS Top 18, on the other hand, provides an actionable and practical checklist of controls that is prioritized and sequenced.
\n\nBoth of these frameworks provide us with cybersecurity measures that can be used for different applications. They can be used individually, or they can work together by complementing each other in a comprehensive cybersecurity strategy.
\n\nIt is important to realize that the CIS Top 18 can end up being quite expensive for smaller organizations to operate, though, which is why many people are choosing the NIST CSF instead. You should always consider various factors, such as organizational size and specific needs, the type of threats faced, and the budget available for implementation when selecting the framework for your organization.
\n\nRelevant websites for this episode
\n\nThe NIST Cyber Security Framework (CSF) - https://www.nist.gov/cyberframework
\n\nThe 18 CIS Critical Security Controls - https://www.cisecurity.org/controls/cis-controls-list
\n\nOther Relevant Episodes
\n\nEP 62 \u2013 The NIST Cybersecurity Framework
\n\nEP 79 \u2013 Mid-Career Transition Success Story with Steve McMichael
\n\nEP 83 \u2013 Automating NIST Risk Management Frameowrk with Rebecca Onuskanich