By, Kathryn Daily, CISSP, CGRC, RDRP Over a decade ago NIST published the Cybersecurity Framework as a base set of standards, guidelines, and best practices to manage cybersecurity risks for...
Continue Reading
by Lon J. Berman, CISSP, RDRP The year 2020 will be remembered for lots of things, not the least of which was the “great toilet tissue shortage.” Who can forget...
Continue Reading
As of 4:30 eastern time, I was able to login to RMF Knowledge Service. Hopefully it’s back for good.
Well as you probably know if you're here, RMF Knowledge Service has been down for several months for unknown reasons. This morning the page loaded, and presented a login option,...
Continue Reading
Are you going to Technet Augusta? So are we! (Did we just become best friends? 👫) Come see us at booth 216. We will have informational handouts, RMF hot sauce, and maybe a funny joke. 🥳
By Amanda Lowell, Security+ CE, RDRP My friends and I joke that being in the field of cybersecurity is equivalent to searching for unicorns–achieving cybersecurity is a myth… Let me explain. The “cybersecurity” buzzword, as it is thrown around by executives today, is a myth. The concept of…
A reader who calls herself “Thirsting for Knowledge” asks: Dear Dr. RMF, Recently I’ve seen a few RMF-related articles online that referred to something called the “knowledge service”. Can you tell me what exactly this service is and if you think it would help me develop my RMF skills. Is…
A reader who calls himself “Dis-appointed?” asks: Dear Dr. RMF, Are appointment letters required to obtain an eMASS account for the roles of ISSO, ISSM, and SCA? Also, are appointment letters required for executing the roles of ISSO, ISSM and SCA (outside of obtaining eMASS accounts)? Dr. RMF Responds: Dear…
This blog excerpt is taken from our July 2023 newsletter. To view the rest of the newsletter, visit rmf.org/newsletter. By Lon J. Berman, CISSP, RDRP When it comes to the future of RMF, rumors abound but truth is hard to come by. In this article, we’ll take a look at…
This blog excerpt is taken from our July 2023 newsletter. To view the rest of the newsletter, visit rmf.org/newsletter. By Kathryn Daily, CISSP, CGRC (Formerly CAP), RDRP NIST SP 800-53 (National Institute of Standards and Technology Special Publication 800-53) provides a set of security and privacy controls for information systems…