ExtraHop CIO John Matthews recently delivered a talk for the ISC2 Security Briefings On Demand series on how to use these frameworks to achieve a more proactive security posture and a more effective SOC. In the talk he covers:
- Strengths, weaknesses, and overlap between the CIS Top 20, NIST Cybersecurity Framework, and MITRE ATT&CK Framework
- Benefits of process and how security and IT Operations can work together
- How the rise of TLS 1.3 encryption with perfect forward secrecy impacts an organization's ability to measure the efficacy of their frameworks and processes
- Tips for building a security operations practice that can scale by choosing the right components from each framework, depending on the maturity of your company and security practice
You can view the security briefing here to get started learning more about these often challenging-to-implement, but ultimately rewarding, frameworks.
This briefing is worth one Continuing Professional Education (CPE) credit towards the CISSP certification for viewers who complete the full session.
View the webinar now: