EP 114 - NIST CSF Versus The Top 18

EP 114 - NIST CSF Versus The Top 18

Author: Kip Boyle January 19, 2024 Duration: 50:07
Your Cyber Path: How to Get Your Dream Cybersecurity Job
BusinessCareersEducationHow ToSelf ImprovementTechnology

About this episode

In this episode, Kip Boyle and Jason Dion discuss the importance of cybersecurity in the current digital landscape and focus on comparing two different standards: The NIST Cybersecurity Framework and the CIS Top 18.

The NIST Framework was created to assist organizations in becoming cyber resilient and offers an adaptable and comprehensive approach to cyber risks. The CIS Top 18, on the other hand, provides an actionable and practical checklist of controls that is prioritized and sequenced.

Both of these frameworks provide us with cybersecurity measures that can be used for different applications. They can be used individually, or they can work together by complementing each other in a comprehensive cybersecurity strategy.

It is important to realize that the CIS Top 18 can end up being quite expensive for smaller organizations to operate, though, which is why many people are choosing the NIST CSF instead. You should always consider various factors, such as organizational size and specific needs, the type of threats faced, and the budget available for implementation when selecting the framework for your organization.

Relevant websites for this episode

The NIST Cyber Security Framework (CSF) - https://www.nist.gov/cyberframework

The 18 CIS Critical Security Controls - https://www.cisecurity.org/controls/cis-controls-list


Other Relevant Episodes

EP 62 – The NIST Cybersecurity Framework

EP 79 – Mid-Career Transition Success Story with Steve McMichael

EP 83 – Automating NIST Risk Management Frameowrk with Rebecca Onuskanich


Navigating a career in cybersecurity can feel like a maze without a clear map. Your Cyber Path: How to Get Your Dream Cybersecurity Job, hosted by Kip Boyle, cuts through the noise by focusing on the perspective of the people who actually make hiring decisions. This isn't just generic advice; it's a direct line to understanding what employers are truly looking for in candidates, from entry-level roles to advanced positions. Each episode delves into the practical, often unspoken, steps needed to build your skills, craft your resume, and ace interviews in this competitive field. You'll hear concrete strategies for bridging the gap between where you are now and that ideal job, all framed within the broader contexts of business, technology, and personal growth. Tune into this podcast for honest conversations that translate complex career pathways into actionable plans, helping you move forward with confidence. Whether you're considering a pivot or aiming to advance, the guidance here is rooted in real-world hiring dynamics, making it a valuable resource for anyone serious about building a future in cybersecurity.
Author: Language: English Episodes: 100

Official website RSS
Your Cyber Path: How to Get Your Dream Cybersecurity Job
Podcast Episodes
EP 55: Which cybersecurity certifications should you get? [not-audio_url] [/not-audio_url]

Duration: 37:59
https://www.yourcyberpath.com/55 In this episode, we are focused on the ever-divisive question of the importance of certifications in the cybersecurity industry. The answer to this question has changed over time from cer…
EP 54: New Cohost Jason Dion [not-audio_url] [/not-audio_url]

Duration: 11:26
For the past year, my good friend Wes Shriner has been my cohost. We’ve created some great episodes together, which I hope have helped you. These days Wes is super busy in his new role as Chief Information Security Offic…
EP 52: Replay of "Security Awareness Training" [not-audio_url] [/not-audio_url]

Duration: 1:04:10
This week we are highlighting one of our popular episodes! First covered back in Episode 40, we covered the topic of Security Awareness Training, and wanted to revisit it again in this epsiode. Looking for a nontechnical…
EP 51: What does it take to lead a Cybersecurity Program? Part 2 [not-audio_url] [/not-audio_url]

Duration: 47:13
In episode 50, we showed you the first half of Kip's presentation with Ritsumeikan Asia Pacific University, where Kip talked with the students about Cybersecurity Management. This is the second half of this 2 part series…
EP 50: What does it take to lead a Cybersecurity Program? [not-audio_url] [/not-audio_url]

Duration: 50:31
"Recently, I was asked to be a guest speaker for Professor Kevin Cooney at Ritsumeikan Asia Pacific University, to talk with his students about Cybersecurity Management. I have split this up into two sections, the first…
EP 49: Why Entry Level Jobs Aren't Really Entry Level [not-audio_url] [/not-audio_url]

Duration: 20:40
In today’s episode I want to answer a common question that I get: “Why do all the cybersecurity job postings ask for 5 years of experience but they're labeled as entry level positions?” Can playing capture the flag also…
EP 48: Anatomy of a Ransomware Attack [not-audio_url] [/not-audio_url]

Duration: 1:00:42
Due to recent Cyber Attacks, we are going to share a replay of a continuing legal education course that Kip Boyle and Jake Bernstein have recently done. In this session, they will walk you through two different ransomwar…
EP 47: How to Use Your Transferrable Skills [not-audio_url] [/not-audio_url]

Duration: 35:48
Our guest Marc Menninger joins Kip Boyle in this episode. Marc is the Director of Information Security with A Place For Mom. He is also a cybersecurity hiring manager. Listen to the tips he gives on how to use your trans…
EP 46: ATS Secrets--Boost your Resume with these Clever Tips [not-audio_url] [/not-audio_url]

Duration: 23:20
Our guest Arthureen Brown joins Kip Boyle in this episode. Arthureen is a Business Information Security Officer (BISO) with Altria. She is also a cybersecurity hiring manager. Listen to the tips she gives on how to get y…

«1...345678910»