Unveiling the NIST Risk Management Framework (RMF)

By: Thomas Marsland

Overview of this book

This comprehensive guide provides clear explanations, best practices, and real-world examples to help readers navigate the NIST Risk Management Framework (RMF) and develop practical skills for implementing it effectively. By the end, readers will be equipped to manage and mitigate cybersecurity risks within their organization.
Table of Contents (17 chapters)
Part 1: Introduction to the NIST Risk Management Framework
Part 2: Implementing the NIST RMF in Your Organization
Part 3: Advanced Topics and Best Practices

Case studies and examples

Despite my best efforts, it’s not easy to locate organizations telling their story of implementing the NIST RMF. In fact, I was only able to locate one – the University of Florida. Our case study therefore focuses on that implementation, which was discussed at the NIST High-Performance Computing Workshop in 2018. The case study, titled Applying NIST Risk Management Framework to Controlled Unclassified Information on High-Performance Computing (HPC), covers the application of the NIST RMF to manage risks associated with controlled unclassified information (CUI) in a high-performance computing environment.

You can read about it here: https://www.nist.gov/system/files/documents/2018/03/28/erik_-_rmf-to-cui-for-hpc-lessons-deumens.pdf.

Here is a summary of the key points and the implementation process.

Background and context

Before we dive into the case study, we have to provide some context and background:

    ...