RESPOND TO THESE DISCUSSION POST BASED ON THE TOPIC “First, review the National Institute of Standards and Technology (NIST) website.
Then, in your initial post, discuss the importance of the website to you as a cybersecurity risk assessor.”
In response to your peers, discuss different uses of the site to include tools and resources that can help you in your risk assessment efforts.
(TWO (2) PARAGRAPHS EACH WITH REFERENCES ON EACH OF THEM SEPARATELY, NOT TOGETHER)
Discussions: How to get a better grade!
The Critical Thinking aspect of the discussion rubric is awarded based on “Draws insightful conclusions that are thoroughly defended with evidence and examples.” The easiest way to do this is to compare or contrast with other articles, or make inferences and conclusions from two or more articles (main reading and one other). Here is an example:
Defining and controlling Scope, within the Risk Management Plan, is important because it keeps costs down and projects on schedule. According to Gibson (2003), the key to handling scope-creep is to control the changes and make acceptable changes as identified by the stakeholders. The Project Management Institute (PMI, 2017) says that changes to scope should be though “formal change control procedures” (para. 1). From these ideas, I’d conclude that task 1-2 SCOPE (NIST 800-30, p. L-1) should include Change Management boards or committees that validate and approve all changes to scope.
Gibson, D. (2003) Managing risk in information systems, 2nd Ed (ebook). Vidal Source: Jones and Bartlett learning
NIST SP80-30r1. (2012). Guide for conducting risk assessments. Retrieved from http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-30r1.pdf
PMI, (2017). Scope management. Retrieved from https://www.pmi.org/learning/featured-topics/scope
1.JffyCrs Rsk Assr n NIST wbt
As a risk assessor, the National Institute of Standards and Technology (NIST) website is valuable. The source of information, the Information Technology Laboratory, which is within NIST, is widely used in the field of IT risk management (Gibson, 2014). A risk assessor uses a specific process to identify and evaluate risks based on an analysis of threats and vulnerabilities to assets. The NIST website provides the framework necessary to perform a complete RA, and it’s available in the public domain according to Title 17 of the United States Code (NIST, 2018).
Why is it important the NIST website is made available to the public? Because, NIST attends and holds public workshops and conferences to gather input about what types of information would be useful to industry, Federal, and state governments. The information they provide, e.g. the framework for risk assessors, is up-to-date, objective, clear, and accurate (NIST, 2016). It is their quality of standards that that exalts their framework from others.
In addition, they provide up-to-date vulnerability feeds keeping security professionals informed and ready to respond by mitigating or accepting impending high, medium, or low impact level threats. Once a one-time import of the complete data set using the compressed XML vulnerability feeds is complete, the modified feeds can be updated without having to import the entire data set over again (NIST, 2017). This saves a risk assessor valuable time and keeps them in a perpetual cycle of receiving fresh vulnerability information.
As cybersecurity risk assessor the National Institute of Standards and Technology is an essential tool. After, the reviewing of the website it was discovered that valuable information was presented such as National Vulnerability Database News, automation of vulnerability management, security measurement, and compliance. National Vulnerability Database includes databases of security checklists, security related software flaws, misconfigurations, product names, Common Vulnerability Scoring System Calculator, and impact metrics (National Institute of Standards and Technology, 2017).
All the information above are important to an organization operation based on the security of its data. Also, the National Institute of Standards and Technology compensate the basic three security controls used to develop a company’s security plan. By having updated information available on a day to day base will give the cybersecurity risk assessor and the company away to keeping its security plan in place. As well as the organization can maintain the security breaches to a minimum.
PLEASE READ THIS.IT IS VERY IMPORTANT
Allow your discussion posts to be detailed and capable of sharing knowledge, ideas and points. You must discuss the topic using your own words first. Using your own words indicate you understand the topic of discussions. Secondly, you must cite your sources in-text. This is necessary to justify your points. Sources from several sources showed good research abilities. Lastly, you must provide references at the bottom of your post. A discussion post without justification with sources does not show proper research abilities. A terse and not detailed discussions represent post that would not provide enough sharing of knowledge or proper understanding of the topic. DO NOT just copy and paste a sentence from online with citation at the end as your own discussion. I have not asked for definitions, I asked for discussions and will not buy this. You must show understanding of the discussion topic by using your own words to describe the topic and then justify that with sources.
www.citationmachine.net to format references into the APA style if necessary. Extremely important. Intext citations is very essential and highly needed as well.
use double spacing, 12-point Times New Roman font, and one-inch margins. Sources should be cited according to APA citation method (citation should be relevant and current). Page-length requirements:2 PAPARAGRAPHS FOR EACH PROMPT ANSWER. Make sure you cite if you take a piece of someone’s work, very important and your reference should relate to your writing (don’t cite a reference because it relates to the course and not this very paper) at least 2 current and relevant academic references. No heavy paraphrasing of others work.
Hi there! Click one of our representatives below and we will get back to you as soon as possible.