NIST Cybersecurity Framework

AWS has a huge library of fantastic resources. This post highlights the recently updated whitepaper aligning the NIST Cybersecurity Framework to AWS.

“NIST Cybersecurity Framework, Aligning to the NIST CSF in the AWS Cloud”, does exactly what the subtitle promises.

This paper aligns the NIST CSF to the AWS Cloud.

I call out a few more details in the Twitter thread below…

Tweet 1/5 👇 Next tweet

today I'm taking a look at "NIST Cybersecurity Framework, Aligning to the NIST CSF in the AWS Cloud" which...um...aligns @NISTcyber's framework with @awscloud designs

PDF 📁: https://d1.awsstatic.com/whitepapers/compliance/NIST_Cybersecurity_Framework_CSF.pdf?did=wp_card&trk=wp_card

🧵☁️ #cloud #infosec

@marknca tweeted at 03-Nov-2021, 10:55

Tweet 2/5 👇 Next tweet 👆 Start

read the thread unrolled at https://t.co/LKnrxH9Sp0

yesterday's thread is up at https://markn.ca/2021/reactive-systems-on-aws/

🧵☁️ #cloud #infosec #devops

@marknca tweeted at 03-Nov-2021, 10:55

Tweet 3/5 👇 Next tweet 👆 Start

the structure of the paper 📑 is simple. a few use cases and then best practices by @nistcyber CSF core function:

- identify - protect - detect - respond - recover

...and finally an alignment of @awscloud services with the framework

🧵☁️ #cloud #infosec

@marknca tweeted at 03-Nov-2021, 10:55

Tweet 4/5 👇 Next tweet 👆 Start

the use cases are handy, but really ANYONE can benefit from looking at the framework. it's right on pg 3, @nistcyber CSF is "a simple-yet-effective construct" for your security efforts

it looks at practice, outcomes, and controls

🧵☁️ #cloud #infosec

@marknca tweeted at 03-Nov-2021, 10:55

Tweet 5/5 👇 Next tweet 👆 Start

as an aside, @nistcyber has documented the framework thoroughly. you can check it out at https://www.nist.gov/cyberframework

at that site, you'll find the framework, a "new to framework" guide, and material for learning specific aspects of the CSF

🧵☁️ #cloud #infosec

@marknca tweeted at 03-Nov-2021, 10:55

👆 Start