EP 83: Automating NIST Risk Management Framework with Rebecca Onuskanich

https://www.yourcyberpath.com/83/

In this episode, we go more in depth with the NIST RMF, answering extremely important questions about the different steps of the process and the checklist mentality that can be developed when implementing RMF.

Rebecca Onuskanich, CEO of the International Cyber Institute, is here to share with us some of her knowledge gained throughout her 20 years of experience with security compliance and how eMASS is used to implement RMF and its real-world adaptation.

Alongside Kip, Rebecca goes over her experience with RMF discussing how different backgrounds can influence the implementation and that a lot of people will have to get over the rigid mentality of RMF in favor of a more technical, real-world, viable approach.

Especially when facing the challenge of implementing RMF with different systems, including legacy systems.

They also unpack eMASS, who can use it, what are the requirements to use eMASS, what are its limitations, how it helps support the process, and if there are any other ways to implement RMF, highlighting that the current direction is to emphasize resilience and survivability and always put the mission first.

What You’ll Learn

● How is RMF adapted in the real world?

● How to make the best use of RMF?

●     How do the NIST CSF and the RMF compare to one another?

●     What is eMASS?

Relevant Websites For This Episode

●     www.YourCyberPath.com

●    www.nist.gov

Other Relevant Episodes

●    Episode 80 - Risk Management Framework with Drew Church

●    Episode 62 - The NIST Cybersecurity Framework

●  Episode 56 - Cybersecurity careers in the Defense sector