Security operations · 2 MIN READ · BRUCE POTTER · MAR 3, 2020 · TAGS: CISO / Framework / How to / NIST / Planning
Why we like the NIST CSF
There’s a lot to like about the NIST CSF:
- A regulatory-agnostic framework like the CSF helps drive more mature security programs. With the CSF, companies can easily and consistently assess where they are today and where they want to be from a cybersecurity standpoint.
- It’s a great way to democratize security and bring risk management to the masses. We like that it demystifies a complex subject and allows less technical orgs to transact on security in a meaningful way.
- It helps orgs of all shapes and sizes measure and report on their respective security programs. This might be our favorite thing about the NIST CSF — the framework gives security professionals, regardless of the organization they’re in, a standardized way to measure and talk about their security maturity, and the progress they’re making on those efforts. Whether you’re making the case for additional security budget or presenting to your board of directors, the NIST CSF gives you a tangible and effective way to do that.
Making the NIST CSF into something actionable for your org
While there are lots of positives about the NIST CSF, we get that putting it into practice is sometimes easier said than done. How exactly do you take a framework and implement it, let alone track how you’re doing?
Now available: the NIST CSF dashboard in Expel Workbench™
If you’re an Expel customer, we’ve got an even better way for you to take advantage of our NIST CSF self-scoring tool.
We just introduced an interactive version of our NIST CSF self-scoring tool right in Expel Workbench™.
Now it’s even easier to use the CSF, measure your progress and report on it … all of which is done through the same interface you use every day to manage your org’s security.
Take a look:
Here’s the NIST CSF Dashboard for Expel Workbench™, available right in the same interface you use to to keep tabs on your org’s security.
Here’s a closer look at the dashboard and the self-scoring mechanisms.
See it for yourself
Here at Expel we use the NIST CSF self-scoring tool to measure our own progress when it comes to security, and lots of our customers use it too. They’ve told us the tool is easy to use, effective and helps them measure and track their security programs.
Want to check out Expel Workbench™ and see how it can help you streamline your security operations? Give us a shout — we’d love to talk.