EP 83: Automating NIST Risk Management Framework with Rebecca Onuskanich

EP 83: Automating NIST Risk Management Framework with Rebecca Onuskanich

Author: Kip Boyle November 11, 2022 Duration: 44:52
Your Cyber Path: How to Get Your Dream Cybersecurity Job
BusinessCareersEducationHow ToSelf ImprovementTechnology

https://www.yourcyberpath.com/83/

In this episode, we go more in depth with the NIST RMF, answering extremely important questions about the different steps of the process and the checklist mentality that can be developed when implementing RMF.

Rebecca Onuskanich, CEO of the International Cyber Institute, is here to share with us some of her knowledge gained throughout her 20 years of experience with security compliance and how eMASS is used to implement RMF and its real-world adaptation.

Alongside Kip, Rebecca goes over her experience with RMF discussing how different backgrounds can influence the implementation and that a lot of people will have to get over the rigid mentality of RMF in favor of a more technical, real-world, viable approach.

Especially when facing the challenge of implementing RMF with different systems, including legacy systems.

They also unpack eMASS, who can use it, what are the requirements to use eMASS, what are its limitations, how it helps support the process, and if there are any other ways to implement RMF, highlighting that the current direction is to emphasize resilience and survivability and always put the mission first.

What You’ll Learn

How is RMF adapted in the real world?

● How to make the best use of RMF?

●     How do the NIST CSF and the RMF compare to one another?

●     What is eMASS?

Relevant Websites For This Episode

●     www.YourCyberPath.com

●    www.nist.gov

Other Relevant Episodes

●    Episode 80 - Risk Management Framework with Drew Church

●    Episode 62 - The NIST Cybersecurity Framework

●  Episode 56 - Cybersecurity careers in the Defense sector


Navigating a career in cybersecurity can feel like a maze without a clear map. Your Cyber Path: How to Get Your Dream Cybersecurity Job, hosted by Kip Boyle, cuts through the noise by focusing on the perspective of the people who actually make hiring decisions. This isn't just generic advice; it's a direct line to understanding what employers are truly looking for in candidates, from entry-level roles to advanced positions. Each episode delves into the practical, often unspoken, steps needed to build your skills, craft your resume, and ace interviews in this competitive field. You'll hear concrete strategies for bridging the gap between where you are now and that ideal job, all framed within the broader contexts of business, technology, and personal growth. Tune into this podcast for honest conversations that translate complex career pathways into actionable plans, helping you move forward with confidence. Whether you're considering a pivot or aiming to advance, the guidance here is rooted in real-world hiring dynamics, making it a valuable resource for anyone serious about building a future in cybersecurity.
Author: Language: English Episodes: 100

Official website RSS
Your Cyber Path: How to Get Your Dream Cybersecurity Job
Podcast Episodes
EP 65: How to Best Prepare for a Role in the SOC [not-audio_url] [/not-audio_url]

Duration: 42:15
https://www.yourcyberpath.com/65 In this episode, we are focused on preparing for a role in a security operations center (SOC). To be effective in a SOC, you need to understand how everything works, including promotions,…
EP 63: Top Five Reasons Why You’re Not Getting a Job Right Now [not-audio_url] [/not-audio_url]

Duration: 30:57
https://www.yourcyberpath.com/63 In this episode, we discuss the top five reasons why you may not be getting a job in the cybersecurity industry right now. After working in the cybersecurity industry for many years, Kip…
EP 62: The NIST Cybersecurity Framework [not-audio_url] [/not-audio_url]

Duration: 31:34
https://www.yourcyberpath.com/62 In this episode, we cover the importance of the NIST Cybersecurity Framework (NIST CSF) and its use in managing risk as a business process within your organizations. The NIST Cybersecurit…
EP 61: Skills-based Certification and Training with John Strand [not-audio_url] [/not-audio_url]

Duration: 37:46
https://www.yourcyberpath.com/61 In this episode, we talked with John Strand (Founder of Black Hills Information Security and Antisyphon InfoSec Training) about the importance of skills-based certification and training.…
EP 59: Five things to know before you get into cybersecurity [not-audio_url] [/not-audio_url]

Duration: 30:39
https://www.yourcyberpath.com/59 About This Episode In this episode, we learn about the five things you should know before getting a job in the cybersecurity industry. First, we discussed what the reality is in terms of…
EP 58: How to Get Hired With No Experience [not-audio_url] [/not-audio_url]

Duration: 47:06
https://www.yourcyberpath.com/58 In this episode, we’re going to learn how one person was able to overcome the catch-22 of getting a cybersecurity job when you don’t have experience, but you cannot get experience because…
Ep. 57 Best time of the year to get hired [not-audio_url] [/not-audio_url]

Duration: 16:36
https://www.yourcyberpath.com/57 About This Episode In this episode, we are discussing the different hiring seasons in the cybersecurity industry. After all, understanding the different hiring seasons is essential to rea…
EP 56: Cybersecurity careers in the Defense sector [not-audio_url] [/not-audio_url]

Duration: 47:05
https://www.yourcyberpath.com/56 In this episode, we provided an introduction to cybersecurity careers in the defense sector within the United States. This discussion can provide you with a great starting point for under…

«12345678910»