all InfoSec news
CIS controls and Risk Assessment
Jan. 8, 2023, 1:22 a.m. | /u/irtiash
cybersecurity www.reddit.com
If you use CIS IG1 for a small company, do you first start with the risk management? Or since the most critical controls are already selected in priority you don't need to do that.
If you do which framework would you use. Nist RMF might be too complex. CIS RAM?
Would you do assessment after you have deployed controls 1 and 2?
Regards
assessment cis cis controls controls critical cybersecurity don framework management nist risk risk assessment risk management rmf start
More from www.reddit.com / cybersecurity
Jobs in InfoSec / Cybersecurity
Social Engineer For Reverse Engineering Exploit Study
@ Independent study | Remote
Data Privacy Manager m/f/d)
@ Coloplast | Hamburg, HH, DE
Cybersecurity Sr. Manager
@ Eastman | Kingsport, TN, US, 37660
KDN IAM Associate Consultant
@ KPMG India | Hyderabad, Telangana, India
Learning Experience Designer in Cybersecurity (f/m/div.) (Salary: ~113.000 EUR p.a.*)
@ Bosch Group | Stuttgart, Germany
Senior Security Engineer - SIEM
@ Samsara | Remote - US