RISK MANAGEMENT FRAMEWORK (RMF) V2
RISK MANAGEMENT FRAMEWORK (RMF)
V2.0
Derek Duchein, CISSP, CRISC
Cybersecurity Professor, DAU derek.duchein@dau.mil
CHRONOLOGY
SP 800-37 Rev. 1 published February 2010 (Updated 6/5/2014)
"Guide for Applying the Risk Management Framework to Federal Information Systems: a Security Life Cycle Approach"
DODI 8510.01 published March 2014 (updated 7/28/2017 - DIACAP to RMF timing and Coast Guard Applicability).
SP 800-37 Rev. 2 published December 2018
"Risk Management Framework for Information
Systems and Organizations: A System Life Cycle
Approach for Security and Privacy"
2
WHY RMF 2.0?
3
4
5
CYBERSECURITY POSTURE
"The cybersecurity of our weapons and networks needs increased attention. In support of that, the Department needs to evolve how we monitor our cybersecurity posture. The two-phase Cooperative Vulnerability and Penetration Assessment (CVPA) and Adversarial Assessment (AA) approach currently outlined in DOT&E test guidance is necessary to help inform the cybersecurity posture of DOD systems, but is not sufficient. This testing has greatly improved our understanding of cyber vulnerabilities, but in addition to dedicated assessments, DOD systems must be built to include technologies to continuously monitor cybersecurity, and automatically find and patch software vulnerabilities. Periodic assessments by Red Teams alone are not adequate, because the security of system software can change at any time due to operator errors, or adversary cyber-attacks." (p. i)
6
7
8
................
................
In order to avoid copyright disputes, this page is only a partial summary.
To fulfill the demand for quickly locating and searching documents.
It is intelligent file search solution for home and business.
Related download
- the risk management framework and cyber resiliency
- ai risk management framework concept paper
- nist risk management framework overview
- risk management framework process map
- risk management framework rmf v2
- nist risk management framework rmf process nisp workflow
- automated nist risk management framework kdm analytics
- servicenow continuous authorization and monitoring
- nist risk management framework quick start guide roles and
- integrating the risk management framework rmf with devops
Related searches
- quality management framework definition
- vendor management framework pdf
- vendor management framework template
- nist risk management framework pdf
- nist risk management framework 2019
- enterprise risk management framework coso
- enterprise risk management framework template
- enterprise risk management framework examples
- risk management framework template
- enterprise risk management framework models
- enterprise risk management framework pdf
- enterprise risk management framework ppt