NIST CSF under the microscope, part 4

In the final part of our analysis of the NIST Cybersecurity Framework for Improving Critical Infrastructure Cybersecurity (NIST CSF) we look at the big picture and elaborate on similarities and differences between the CSF and our own RIPE Framework. Maybe the most...

Experience RIPE in Munich and Washington DC

You’ve heard and read about the RIPE Framework and want to learn more? Here’s your chance. For the first time we present all the details to a limited audience: See all the RIPE templates (policies and SOPs, plant planning guidelines, procurement guidelines,...

NIST CSF under the microscope, part 3

In the third part of our analysis of the NIST Cybersecurity Framework for Improving Critical Infrastructure Cybersecurity (NIST CSF) we focus on the 98 “subcategories” of the Framework Core that provide most of its meat. The Subcategories identify various cyber...

Nothing to Fear but Fear (i.e., Regulation) Itself

The big debate now seems to be: Can any industry, let alone an individual company, actually provide a level of security (physical or cyber) consistent with national security requirements? Jesse Berst in a recent article quoted the CEO of the North American Electric...

NIST CSF under the microscope, part 2

In the first part of our analysis of the NIST Cyber Security Framework for Improving Critical Infrastructure Cybersecurity (NIST CSF) we have seen that the Framework is more of a conceptual model of how to talk and think about cyber risk rather than a method to...