NIST Cybersecurity and Risk Management Frameworks

You're watching ITProTV. [MUSIC] Hey, thank you for choosing ITProTV. I'm your host Zach Memos for NIST cyber security and risk management frameworks, a great course. And joining me is our subject matter expert, Adam Gordon. Hello, everybody. Zach, how you doing? I'm doing well. So nice to see you here. Looking sniffy in that sweater, I like that Well, I know and you know, things a little bit different, aren't they? They are, you don't always see me in a jacket. Well, we're part of the ACI Learning company right now and so we have a little bit of ACI action going on, lovely sweater here. And before we get going talking about the course, tell us a little bit about yourself. Well, for those of you that are familiar with Zach and I, both are each of us individually from the ITProTV world. You'll know that I've been in the industry, working as an IT professional, an audit professional for decades. At this point in my career, I'm a consultant, I work with customers, helping them to implement IT security and infrastructure and audit that security and infrastructure posture for them globally. I have for a very long time, I work with governments, with militaries, private and public sectors all over the world. I also spend my time roughly splitting my time equally in that respect with doing what we call here at ACI Learning, entertainment. Spend my time, as many of us do here in the ACI studios, spending time with you. Helping create engaging and innovative, and creative content, in this case, around the NIST CSF, cybersecurity and RMF, first management frameworks. And our conversation around those frameworks is what we're gonna be spending time going through, and hopefully you'll join us for that journey. Well, I want to and I'm going to. [LAUGH] I hope so because I can't do it without you. Let me ask you this, what's in it for me, what can we hope to learn? So, when we think about what's in it for all of us, right? Whether you're an IT professional, whether you're an audit professional, perhaps both as I am and many of you, maybe. There's gonna be a lot of discussion about both the cybersecurity framework as well as the risk management framework. Whether it's individual or collective in terms of how you approach one or both of those. We're gonna take a look at what NIST's guidance on those frameworks is? Why those frameworks are important to IT and audit professionals? How that guidance can be used to drive the understanding of risk? But also then the addressing of risk remediation and control based activities. And from an audit, and compliance perspective, we bring that oversight and that verification validation to bear for the betterment of the organization. And that's really what we wanna focus on, and understand is the most valuable aspect of what we can help you to go through this part of the course. And lastly, why are you excited about this course? Well, I'm excited because I get to wear a jacket which I never get to do. It's very rare these days I get to dress up. So you're gonna see me in a sport coat and a collar shirt. Several of them actually throughout the course cuz I do have several wardrobe changes which is also exciting. But I'm excited, number one, to get to spend time with Zach. And both of us I think, it's fair to say are excited about being able to spend time with you talking about the frameworks. Helping you to walk through them in new and interesting ways. Certainly many of the traditional aspects of what we do here at ITProTV as we go through the course will be familiar to you. Some of which you may not have seen before aside from the wardrobe, obviously. But we will be looking at things from a slightly different perspective. We'll take some opportunities to invite you to have self-directed exercises, as well as case study driven interactions. And we'll certainly take a lot of time and effort to break down the material, explain how it all is connected. And to remind you constantly of the importance of looking at this from the real world perspectives of both an IT as well as an audit professional. And see how that guidance can be applied to your everyday practice, to the betterment of your organization. But also the betterment of your customers and your clients as you seek to put this into practice with them. Thank you, my jacketed and friend, and thank you. And by the way, NIST cyber security and risk management framework sounds like something you'd be interested in. You can check it out in our course library. This is Zach for ITProTV. I'm Adam Gordon. See you soon. Take care everybody. Thank you for watching ITProTV. [MUSIC] [BLANK_AUDIO]