Making the Most of the NIST Cybersecurity FrameworkRsam's Vivek Shivananda on Using the Framework as a Guideline for Action
The National Institute of Standards and Technology's Cybersecurity Framework (NIST CSF) is giving CISOs a foundation for communicating more clearly with the board about security issues, says Vivek Shivananda of Rsam.
"The word 'cybersecurity' is probably the best thing that happened to information security professionals. It gave us a seat at the table," he says. "Given that now we have a seat at the table, we need to answer two important questions to the board: One, how are we doing against the cybersecurity framework? And two, what executives want to know is: If there is a breach or an attack, are we ready to respond?"
In a video interview at Information Security Media Group's recent New York City Fraud and Breach Prevention Summit, Shivananda:
- Discusses using the framework at a guideline for action;
- Describes how the pending updated version of the framework offers guidance on vendor risk management;
- Tells how Rsam is helping organizations embrace the framework and improve breach preparedness.
Shivananda is co-founder and CEO at Rsam, a risk and compliance solutions provider. Prior to Rsam, Vivek was COO of eB Networks and held management and consulting positions at Cap Gemini. He is a frequent guest speaker at industry conferences.