Newsflash! The NIST Cybersecurity Framework (CSF) was never intended to be something you could “do.” It’s supposed to be something you can “use.”
But that’s often easier said than done. The CSF can be a confusing and intimidating process to go through. So, if you're at a loss about how to implement it, you're not alone.
Watch the video overview
But rest assured, since the CSF was released back in 2013, lots of organizations have done it, including Expel. Like others, we’ve found it to be a useful tool to help us understand where we are and where we’re going as we grow our broader cyber risk management program.
Or, if blogs aren't your thing, read the whitepaper (PDF) version.
How to get started
with the NIST
by Bruce Potter, CISO, Expel