1
1

00:00:00,000  -->  00:00:03,180
<v ->Congratulations, you've made it to the end of the course.</v>
2

2

00:00:03,180  -->  00:00:06,060
We've covered a lot of material during our time together.
3

3

00:00:06,060  -->  00:00:08,400
Throughout this course, we've covered all seven steps
4

4

00:00:08,400  -->  00:00:10,110
of the NIST Risk Management Framework
5

5

00:00:10,110  -->  00:00:13,410
and how to begin implementing RMF in your own organization.
6

6

00:00:13,410  -->  00:00:15,060
<v ->First, we began by introducing</v>
7

7

00:00:15,060  -->  00:00:16,980
the Risk Management Framework
8

8

00:00:16,980  -->  00:00:19,320
by providing an overview of RMF
9

9

00:00:19,320  -->  00:00:21,960
and briefly looking at each of its seven steps,
10

10

00:00:21,960  -->  00:00:24,030
so you can get a high level overview
11

11

00:00:24,030  -->  00:00:27,600
of what RMF is and how it's used.
12

12

00:00:27,600  -->  00:00:30,570
Then we moved into some important details
13

13

00:00:30,570  -->  00:00:33,750
concerning how information security and privacy
14

14

00:00:33,750  -->  00:00:38,750
are integrated into RMF and how the authorization boundaries
15

15

00:00:38,850  -->  00:00:40,890
for a given system are created.
16

16

00:00:40,890  -->  00:00:44,790
We also discussed how supply chain risk management
17

17

00:00:44,790  -->  00:00:48,930
is implemented inside of the Risk Management Framework.
18

18

00:00:48,930  -->  00:00:51,810
<v ->Then we took a look at how flexible RMF can be</v>
19

19

00:00:51,810  -->  00:00:52,920
and we discussed the differences
20

20

00:00:52,920  -->  00:00:54,570
between requirements and controls
21

21

00:00:54,570  -->  00:00:57,330
because most people get these two vital areas confused
22

22

00:00:57,330  -->  00:00:59,610
when they're trying to select and implement various controls
23

23

00:00:59,610  -->  00:01:01,500
for their IT systems.
24

24

00:01:01,500  -->  00:01:04,470
<v ->Next, we looked at each of the seven steps</v>
25

25

00:01:04,470  -->  00:01:07,290
of the Risk Management Framework in more depth,
26

26

00:01:07,290  -->  00:01:09,750
including how to prepare your organization
27

27

00:01:09,750  -->  00:01:13,080
and your system for the RMF process,
28

28

00:01:13,080  -->  00:01:16,680
how to categorize your system, how to select your controls,
29

29

00:01:16,680  -->  00:01:19,770
how to implement those selected controls,
30

30

00:01:19,770  -->  00:01:22,530
how to assess those very same controls,
31

31

00:01:22,530  -->  00:01:24,900
how to gain authorization of your system,
32

32

00:01:24,900  -->  00:01:27,720
and how to monitor the system over time
33

33

00:01:27,720  -->  00:01:30,300
to make sure it's operating as expected.
34

34

00:01:30,300  -->  00:01:33,780
As we dove into each step, we covered not just the theory
35

35

00:01:33,780  -->  00:01:37,920
or details from the Risk Management Framework documentation,
36

36

00:01:37,920  -->  00:01:41,070
but we also shared our decades of experience with you
37

37

00:01:41,070  -->  00:01:44,970
by pointing out the common pitfalls, landmines,
38

38

00:01:44,970  -->  00:01:47,550
and errors that people commonly make
39

39

00:01:47,550  -->  00:01:50,673
when implementing RMF in the real world.
40

40

00:01:51,600  -->  00:01:53,700
<v ->After that, we covered some other topics</v>
41

41

00:01:53,700  -->  00:01:55,170
that are going to be important to understand
42

42

00:01:55,170  -->  00:01:56,880
when you're implementing RMF,
43

43

00:01:56,880  -->  00:01:58,770
including how you can automate RMF,
44

44

00:01:58,770  -->  00:02:00,120
an introduction to eMASS,
45

45

00:02:00,120  -->  00:02:02,370
the Enterprise Mission Assurance Support Service
46

46

00:02:02,370  -->  00:02:04,200
which is used to collect data for RMF
47

47

00:02:04,200  -->  00:02:06,300
and help you navigate the entire process,
48

48

00:02:06,300  -->  00:02:08,880
and how you can combine the Risk Management Framework
49

49

00:02:08,880  -->  00:02:11,940
with the NIST Cybersecurity Framework, known as CSF,
50

50

00:02:11,940  -->  00:02:13,800
in order to gain additional efficiencies
51

51

00:02:13,800  -->  00:02:15,360
and how you can use both of these
52

52

00:02:15,360  -->  00:02:18,210
to increase the overall security of your systems.
53

53

00:02:18,210  -->  00:02:19,860
<v ->So at this point, you've learned</v>
54

54

00:02:19,860  -->  00:02:22,590
everything you need to know to get started
55

55

00:02:22,590  -->  00:02:24,390
using the Risk Management Framework
56

56

00:02:24,390  -->  00:02:26,640
in your own organization.
57

57

00:02:26,640  -->  00:02:29,190
We truly hope that you've enjoyed this course
58

58

00:02:29,190  -->  00:02:32,730
and want to dive deeper into the world of cybersecurity
59

59

00:02:32,730  -->  00:02:33,960
and risk management.
60

60

00:02:33,960  -->  00:02:36,270
And if you do, you can continue to learn
61

61

00:02:36,270  -->  00:02:38,420
from Jason and me over at yourcyberpath.com
62

62

00:02:40,050  -->  00:02:45,050
and by listening to our free podcast, "Your Cyber Path".
63

63

00:02:45,067  -->  00:02:47,310
<v ->"Your Cyber Path" is a podcast that provides you</v>
64

64

00:02:47,310  -->  00:02:49,410
with advice from experienced hiring managers
65

65

00:02:49,410  -->  00:02:51,870
and seeks to make you irresistible to hiring managers
66

66

00:02:51,870  -->  00:02:54,060
inside of the cybersecurity industry.
67

67

00:02:54,060  -->  00:02:56,250
In addition to listening to our free podcast,
68

68

00:02:56,250  -->  00:02:57,930
you can also sign up for our mentor notes
69

69

00:02:57,930  -->  00:03:00,090
at yourcyberpath.com.
70

70

00:03:00,090  -->  00:03:02,340
This free email newsletter is designed to help
71

71

00:03:02,340  -->  00:03:05,460
people like you transform into cybersecurity professionals
72

72

00:03:05,460  -->  00:03:07,260
by sharing our best tips, tricks,
73

73

00:03:07,260  -->  00:03:10,140
and stories by email every other week.
74

74

00:03:10,140  -->  00:03:13,080
<v ->So if you are trying to make a career change</v>
75

75

00:03:13,080  -->  00:03:16,320
into the highly in demand cybersecurity industry,
76

76

00:03:16,320  -->  00:03:18,960
or if you're just trying to get promoted
77

77

00:03:18,960  -->  00:03:21,510
from an individual contributor role
78

78

00:03:21,510  -->  00:03:25,260
into a supervisory or executive position,
79

79

00:03:25,260  -->  00:03:28,500
I recommend checking out "Your Cyber Path" today
80

80

00:03:28,500  -->  00:03:30,030
so that we can help you
81

81

00:03:30,030  -->  00:03:32,190
develop not just your own action plan,
82

82

00:03:32,190  -->  00:03:34,980
but your own cyber path.
83

83

00:03:34,980  -->  00:03:36,780
<v ->And if you're a cyber security professional</v>
84

84

00:03:36,780  -->  00:03:38,880
who needs to obtain their industry certifications
85

85

00:03:38,880  -->  00:03:40,680
to continue advancing in your career,
86

86

00:03:40,680  -->  00:03:42,360
we have you covered there, too.
87

87

00:03:42,360  -->  00:03:45,240
Come over to diontraining.com where we have numerous courses
88

88

00:03:45,240  -->  00:03:46,890
to help you earn your certifications,
89

89

00:03:46,890  -->  00:03:49,253
including your CompTIA Security+, CYSA+,
90

90

00:03:50,474  -->  00:03:52,830
PenTest+, and CASP+ certifications,
91

91

00:03:52,830  -->  00:03:54,780
as well as the entire ideal career path
92

92

00:03:54,780  -->  00:03:56,820
to help you stand out from the crowd.
93

93

00:03:56,820  -->  00:03:59,190
If you use the coupon code UDEMY at checkout,
94

94

00:03:59,190  -->  00:04:01,080
you're also going to get an exclusive discount
95

95

00:04:01,080  -->  00:04:02,850
on any of our certification courses
96

96

00:04:02,850  -->  00:04:05,610
and test vouchers over at diontraining.com
97

97

00:04:05,610  -->  00:04:09,210
as a special thank you for joining us in this RMF course.
98

98

00:04:09,210  -->  00:04:11,730
So once again, congratulations on making it
99

99

00:04:11,730  -->  00:04:12,960
to the end of the course.
100

100

00:04:12,960  -->  00:04:14,490
We wish you the best as you begin to use
101

101

00:04:14,490  -->  00:04:16,020
the NIST Risk Management Framework
102

102

00:04:16,020  -->  00:04:18,720
in your own organization to better prepare your systems
103

103

00:04:18,720  -->  00:04:20,880
and to mitigate the threats and vulnerabilities
104

104

00:04:20,880  -->  00:04:22,560
facing your organization.
105

105

00:04:22,560  -->  00:04:23,547
We hope you enjoy the course
106

106

00:04:23,547  -->  00:04:25,200
and we look forward to seeing you again
107

107

00:04:25,200  -->  00:04:27,600
in a future course as you continue to climb upwards
108

108

00:04:27,600  -->  00:04:29,220
in your career in cybersecurity,
109

109

00:04:29,220  -->  00:04:31,520
vulnerability management, and risk management.
110

110

00:04:33,002  -->  00:04:34,991
(intense music)