[cabf_netsec] NCSSR Restructuring: NIST Cybersecurity Framework Core

Ben Wilson benwilsonusa at gmail.com
Mon Feb 10 12:12:27 MST 2020


Thanks! For context, I'm playing with different ways to re-organize the
CABF Network and Certificate System Security requirements.  See
https://cabforum.org/network-security-requirements/
I don't want to simply add new section numbers.  I want a stable outline
that can be used in the future (so that we won't have to restructure the
framework every couple of years).

On Mon, Feb 10, 2020 at 12:01 PM Tony Rutkowski <tony at yaana.com> wrote:

> Hi Ben,
>
>
>
> One of the problems here is that the CSC components have evolved in ways
> that are not reflected in the older ETSI documents.  That’s why we brought
> the newer spec on middleboxes.  In addition, the CIS Controls continue to
> evolve in ways that improve their functionality and enable the kind of
> extensibility and integration you are seeking for the CA/B security
> platform.
>
>
>
> I’m looping in the real experts here - Tony Sager, Phyllis Lee, and Curt
> Dukes who head the teams of people and outreach with the community that
> underlie the Controls.  I think they can clarify any perceived
> inadequacies.  They are also intimately familiar with how the CIS Controls
> map to the NIST and dozens of other frameworks out there.
>
>
>
> Best,
> tony
>
>
>
> *From:* Netsec <netsec-bounces at cabforum.org> *On Behalf Of *Ben Wilson
> via Netsec
> *Sent:* 10 February, 2020 1:54 PM
> *To:* Tony Rutkowski <Tony.Rutkowski at cisecurity.org>
> *Cc:* CABF Network Security List <netsec at cabforum.org>
> *Subject:* Re: [cabf_netsec] NCSSR Restructuring: NIST Cybersecurity
> Framework Core
>
>
>
> I like the coverage of ETSI TR 103 305-1, but the outline (CSC1 to CSC20)
> might not allow for placeholders in the middle, i.e., it isn't very
> extensible.  I like NIST's use of lettered-groups/acronyms, which organize
> the security functionalities and control categories (see below).   Also, I
> know I'm being a little picky, but some of the CSCs aren't written with an
> active verb -- e.g. CSCs 4, 10, 13, 14, and 15 say, "The processes and
> tools used to ...."
>
>
>
> FUNCTION
>
> Identify (ID)
>     Asset Management (ID.AM)
>     Business Environment (ID.BE)
>     Governance (ID.GV)
>     Risk Assessment (ID.RA)
>     Risk Management Strategy (ID.RM)
>     Supply Chain Risk Management (ID.SC)
>
> Protect (PR)
>     Identity Management, Authentication and Access Control (PR.AC)
>     Awareness and Training (PR.AT)
>     Data Security (PR.DS)
>     Information Protection Processes and Procedures (PR.IP)
>     Maintenance (PR.MA)
>     Protective Technology (PR.PT)
>
> Detect (DE)
>     Anomalies and Events (DE.AE)
>     Security Continuous Monitoring (DE.CM)
>     Detection Processes (DE.DP)
>
> Respond (RS)
>     Response Planning (RS.RP)
>     Communications (RS.CO)
>     Analysis (RS.AN)
>     Mitigation (RS.MI)
>     Improvements (RS.IM)
>
> Recover (RC)
>     Recovery Planning (RC.RP)
>     Improvements (RC.IM)
>     Communications (RC.CO)
>
>
>
> On Mon, Feb 10, 2020 at 9:45 AM Ben Wilson <benwilsonusa at gmail.com> wrote:
>
> Thanks, Tony.  I will take a look at these today.
>
>
>
> On Mon, Feb 10, 2020 at 8:48 AM Tony Rutkowski <Tony.Rutkowski at cisecurity.org> wrote:
>
> Hi Ben,
>
>
>
> You might want to be aware of ETSI’s much more comprehensive version of
> that Framework for both European and global use based on the CIS Controls
> – which also includes backward compatibility with NIST’s framework.  Also
> included is the near-final draft of the Controls for middlebox use – which
> also includes the latest version of the Controls.
>
>
>
> Best,
> tony
>
>
>
> *From:* Netsec <netsec-bounces at cabforum.org> *On Behalf Of *Ben Wilson
> via Netsec
> *Sent:* 10 February, 2020 10:20 AM
> *To:* CABF Network Security List <netsec at cabforum.org>
> *Subject:* [cabf_netsec] NCSSR Restructuring: NIST Cybersecurity
> Framework Core
>
>
>
> This morning during our call, I thought we might want to take a look at
> the NIST Cybersecurity Framework Core.
>
>
>
> https://www.nist.gov/cyberframework/framework
>
> https://www.nist.gov/document/2018-04-16frameworkv11core1xlsx
>
> https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04162018.pdf
>
>
>
>
>
>
>