EP 114 - NIST CSF Versus The Top 18

About this episode

In this episode, Kip Boyle and Jason Dion discuss the importance of cybersecurity in the current digital landscape and focus on comparing two different standards: The NIST Cybersecurity Framework and the CIS Top 18.

The NIST Framework was created to assist organizations in becoming cyber resilient and offers an adaptable and comprehensive approach to cyber risks. The CIS Top 18, on the other hand, provides an actionable and practical checklist of controls that is prioritized and sequenced.

Both of these frameworks provide us with cybersecurity measures that can be used for different applications. They can be used individually, or they can work together by complementing each other in a comprehensive cybersecurity strategy.

It is important to realize that the CIS Top 18 can end up being quite expensive for smaller organizations to operate, though, which is why many people are choosing the NIST CSF instead. You should always consider various factors, such as organizational size and specific needs, the type of threats faced, and the budget available for implementation when selecting the framework for your organization.

Relevant websites for this episode

The NIST Cyber Security Framework (CSF) - https://www.nist.gov/cyberframework

The 18 CIS Critical Security Controls - https://www.cisecurity.org/controls/cis-controls-list

Other Relevant Episodes

EP 62 – The NIST Cybersecurity Framework

EP 79 – Mid-Career Transition Success Story with Steve McMichael

EP 83 – Automating NIST Risk Management Frameowrk with Rebecca Onuskanich