Cyber Resilience in Practice: Demo of The MITRE CREF Navigator Tool
About this talk
Demonstration utilizing an online tool, the CREF Navigator™, to apply cyber resiliency considerations from NIST SP 800-160 Volume 2 (Rev 1) to common use cases.
Comprehensive technical frameworks are usually voluminous including several definitions, concepts, relationships, tables, and references with linkages to other key frameworks or publications. NIST SP 800-160 Volume 2 (Rev 1): “Developing Cyber-Resilient Systems” is the leading framework defining and impacting the cyber resiliency space for US federal information systems. It is a comprehensive framework that is generally applicable and can be adopted by any organization seeking comprehensive and well-defined cyber resilience guidance. The publication which is over 300 pages centers around the Cyber Resiliency Engineering Framework (CREF) whose constructs include, in addition to the definition of cyber resiliency, four goals, eight objectives, fifteen techniques, fifty approaches, and fourteen design principles and their many to many relationships.
ISSA is the community of choice for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk and protecting critical information and infrastructure.…