NIST CSF Effectiveness: Controls & Quantification – Sponsored Webinar with Ostrich Cyber-Risk

In this webinar, Greg Spicer, Co-Founder and CRO of Ostrich Cyber Risk, along with Kevin Gelsthorpe and John Feezell of Kyndryl, will dive into the intricacies of identifying your biggest cyber risks using NIST Cybersecurity Framework (NIST CSF).

We then will explore how to determine which controls most effectively mitigate these risks and how to quantify their effectiveness in financial terms, and influence decisions with stakeholders in your business. 

Sponsored by Ostrich Cyber-Risk.

Additional Resources:

Measuring and Managing Information Risk by Jack Jones and Jack Freund

https://www.amazon.com/Measuring-Managing-Information-Risk-Approach/dp/0124202314

Possible Data Sources:

https://www.cyentia.com/

https://www.advisenltd.com/risk-insight-risk-professionals/

https://www.idc.com/

https://commercial.allianz.com/news-and-insights/reports/allianz-risk-barometer.html

https://riskacademy.blog/

https://www.linkedin.com/company/cyber-rescue-alliance/posts/?feedView=all

Controls Mapping Sources:

https://www.cisa.gov/news-events/news/best-practices-mitre-attckr-mapping

https://mitre-engenuity.org/cybersecurity/center-for-threat-informed-defense/our-work/nist-800-53-control-mappings/ 

Jack Jones Defense of FAIR:

https://www.fairinstitute.org/blog/jack-jones-rebuts-fair-fatigue-an-article-filled-with-misrepresentations-of-factor-analysis-of-information-risk-fair-the-standard-for-risk-quantification