EP 114 - NIST CSF Versus The Top 18

EP 114 - NIST CSF Versus The Top 18

Author: Kip Boyle January 19, 2024 Duration: 50:07
Your Cyber Path: How to Get Your Dream Cybersecurity Job
BusinessCareersEducationHow ToSelf ImprovementTechnology

About this episode

In this episode, Kip Boyle and Jason Dion discuss the importance of cybersecurity in the current digital landscape and focus on comparing two different standards: The NIST Cybersecurity Framework and the CIS Top 18.

The NIST Framework was created to assist organizations in becoming cyber resilient and offers an adaptable and comprehensive approach to cyber risks. The CIS Top 18, on the other hand, provides an actionable and practical checklist of controls that is prioritized and sequenced.

Both of these frameworks provide us with cybersecurity measures that can be used for different applications. They can be used individually, or they can work together by complementing each other in a comprehensive cybersecurity strategy.

It is important to realize that the CIS Top 18 can end up being quite expensive for smaller organizations to operate, though, which is why many people are choosing the NIST CSF instead. You should always consider various factors, such as organizational size and specific needs, the type of threats faced, and the budget available for implementation when selecting the framework for your organization.

Relevant websites for this episode

The NIST Cyber Security Framework (CSF) - https://www.nist.gov/cyberframework

The 18 CIS Critical Security Controls - https://www.cisecurity.org/controls/cis-controls-list


Other Relevant Episodes

EP 62 – The NIST Cybersecurity Framework

EP 79 – Mid-Career Transition Success Story with Steve McMichael

EP 83 – Automating NIST Risk Management Frameowrk with Rebecca Onuskanich


Navigating a career in cybersecurity can feel like a maze without a clear map. Your Cyber Path: How to Get Your Dream Cybersecurity Job, hosted by Kip Boyle, cuts through the noise by focusing on the perspective of the people who actually make hiring decisions. This isn't just generic advice; it's a direct line to understanding what employers are truly looking for in candidates, from entry-level roles to advanced positions. Each episode delves into the practical, often unspoken, steps needed to build your skills, craft your resume, and ace interviews in this competitive field. You'll hear concrete strategies for bridging the gap between where you are now and that ideal job, all framed within the broader contexts of business, technology, and personal growth. Tune into this podcast for honest conversations that translate complex career pathways into actionable plans, helping you move forward with confidence. Whether you're considering a pivot or aiming to advance, the guidance here is rooted in real-world hiring dynamics, making it a valuable resource for anyone serious about building a future in cybersecurity.
Author: Language: English Episodes: 100

Official website RSS
Your Cyber Path: How to Get Your Dream Cybersecurity Job
Podcast Episodes
EP 65: How to Best Prepare for a Role in the SOC [not-audio_url] [/not-audio_url]

Duration: 42:15
https://www.yourcyberpath.com/65 In this episode, we are focused on preparing for a role in a security operations center (SOC). To be effective in a SOC, you need to understand how everything works, including promotions,…
EP 63: Top Five Reasons Why You’re Not Getting a Job Right Now [not-audio_url] [/not-audio_url]

Duration: 30:57
https://www.yourcyberpath.com/63 In this episode, we discuss the top five reasons why you may not be getting a job in the cybersecurity industry right now. After working in the cybersecurity industry for many years, Kip…
EP 62: The NIST Cybersecurity Framework [not-audio_url] [/not-audio_url]

Duration: 31:34
https://www.yourcyberpath.com/62 In this episode, we cover the importance of the NIST Cybersecurity Framework (NIST CSF) and its use in managing risk as a business process within your organizations. The NIST Cybersecurit…
EP 61: Skills-based Certification and Training with John Strand [not-audio_url] [/not-audio_url]

Duration: 37:46
https://www.yourcyberpath.com/61 In this episode, we talked with John Strand (Founder of Black Hills Information Security and Antisyphon InfoSec Training) about the importance of skills-based certification and training.…
EP 59: Five things to know before you get into cybersecurity [not-audio_url] [/not-audio_url]

Duration: 30:39
https://www.yourcyberpath.com/59 About This Episode In this episode, we learn about the five things you should know before getting a job in the cybersecurity industry. First, we discussed what the reality is in terms of…
EP 58: How to Get Hired With No Experience [not-audio_url] [/not-audio_url]

Duration: 47:06
https://www.yourcyberpath.com/58 In this episode, we’re going to learn how one person was able to overcome the catch-22 of getting a cybersecurity job when you don’t have experience, but you cannot get experience because…
Ep. 57 Best time of the year to get hired [not-audio_url] [/not-audio_url]

Duration: 16:36
https://www.yourcyberpath.com/57 About This Episode In this episode, we are discussing the different hiring seasons in the cybersecurity industry. After all, understanding the different hiring seasons is essential to rea…
EP 56: Cybersecurity careers in the Defense sector [not-audio_url] [/not-audio_url]

Duration: 47:05
https://www.yourcyberpath.com/56 In this episode, we provided an introduction to cybersecurity careers in the defense sector within the United States. This discussion can provide you with a great starting point for under…

«12345678910»