1
00:00:00,000 --> 00:00:03,180
Congratulations, you've made it to the end of the course.
2
00:00:03,180 --> 00:00:06,060
We've covered a lot of material during our time together.
3
00:00:06,060 --> 00:00:08,400
Throughout this course, we've covered all seven steps
4
00:00:08,400 --> 00:00:10,110
of the NIST Risk Management Framework
5
00:00:10,110 --> 00:00:13,410
and how to begin implementing RMF in your own organization.
6
00:00:13,410 --> 00:00:15,060
First, we began by introducing
7
00:00:15,060 --> 00:00:16,980
the Risk Management Framework
8
00:00:16,980 --> 00:00:19,320
by providing an overview of RMF
9
00:00:19,320 --> 00:00:21,960
and briefly looking at each of its seven steps,
10
00:00:21,960 --> 00:00:24,030
so you can get a high-level overview
11
00:00:24,030 --> 00:00:27,600
of what RMF is and how it's used.
12
00:00:27,600 --> 00:00:30,570
Then we moved into some important details
13
00:00:30,570 --> 00:00:33,750
concerning how information security and privacy
14
00:00:33,750 --> 00:00:38,750
are integrated into RMF and how the authorization boundaries
15
00:00:38,850 --> 00:00:40,890
for a given system are created.
16
00:00:40,890 --> 00:00:44,790
We also discussed how supply chain risk management
17
00:00:44,790 --> 00:00:48,930
is implemented inside of the Risk Management Framework.
18
00:00:48,930 --> 00:00:51,810
Then we took a look at how flexible RMF can be
19
00:00:51,810 --> 00:00:52,920
and we discussed the differences
20
00:00:52,920 --> 00:00:54,570
between requirements and controls
21
00:00:54,570 --> 00:00:57,330
because most people get these two vital areas confused
22
00:00:57,330 --> 00:00:59,610
when they're trying to select and implement various controls
23
00:00:59,610 --> 00:01:01,500
for their IT systems.
24
00:01:01,500 --> 00:01:04,470
Next, we looked at each of the seven steps
25
00:01:04,470 --> 00:01:07,290
of the Risk Management Framework in more depth,
26
00:01:07,290 --> 00:01:09,750
including how to prepare your organization
27
00:01:09,750 --> 00:01:13,080
and your system for the RMF process,
28
00:01:13,080 --> 00:01:16,680
how to categorize your system, how to select your controls,
29
00:01:16,680 --> 00:01:19,770
how to implement those selected controls,
30
00:01:19,770 --> 00:01:22,530
how to assess those very same controls,
31
00:01:22,530 --> 00:01:24,900
how to gain authorization of your system,
32
00:01:24,900 --> 00:01:27,720
and how to monitor the system over time
33
00:01:27,720 --> 00:01:30,300
to make sure it's operating as expected.
34
00:01:30,300 --> 00:01:33,780
As we dove into each step, we covered not just the theory
35
00:01:33,780 --> 00:01:37,920
or details from the Risk Management Framework documentation,
36
00:01:37,920 --> 00:01:41,070
but we also shared our decades of experience with you
37
00:01:41,070 --> 00:01:44,970
by pointing out the common pitfalls, landmines,
38
00:01:44,970 --> 00:01:47,550
and errors that people commonly make
39
00:01:47,550 --> 00:01:50,673
when implementing RMF in the real world.
40
00:01:51,600 --> 00:01:53,700
After that, we covered some other topics
41
00:01:53,700 --> 00:01:55,170
that are going to be important to understand
42
00:01:55,170 --> 00:01:56,880
when you're implementing RMF,
43
00:01:56,880 --> 00:01:58,770
including how you can automate RMF,
44
00:01:58,770 --> 00:02:00,120
an introduction to eMASS,
45
00:02:00,120 --> 00:02:02,370
the Enterprise Mission Assurance Support Service
46
00:02:02,370 --> 00:02:04,200
which is used to collect data for RMF
47
00:02:04,200 --> 00:02:06,300
and help you navigate the entire process,
48
00:02:06,300 --> 00:02:08,880
and how you can combine the Risk Management Framework
49
00:02:08,880 --> 00:02:11,940
with the NIST Cybersecurity Framework, known as CSF,
50
00:02:11,940 --> 00:02:13,800
in order to gain additional efficiencies
51
00:02:13,800 --> 00:02:15,360
and how you can use both of these
52
00:02:15,360 --> 00:02:18,210
to increase the overall security of your systems.
53
00:02:18,210 --> 00:02:19,860
So at this point, you've learned
54
00:02:19,860 --> 00:02:22,590
everything you need to know to get started
55
00:02:22,590 --> 00:02:24,390
using the Risk Management Framework
56
00:02:24,390 --> 00:02:26,640
in your own organization.
57
00:02:26,640 --> 00:02:29,190
We truly hope that you've enjoyed this course
58
00:02:29,190 --> 00:02:32,730
and want to dive deeper into the world of cybersecurity
59
00:02:32,730 --> 00:02:33,960
and risk management.
60
00:02:33,960 --> 00:02:36,270
And if you do, you can continue to learn
61
00:02:36,270 --> 00:02:38,420
from Jason and me over at yourcyberpath.com
62
00:02:40,050 --> 00:02:45,050
and by listening to our free podcast, "Your Cyber Path".
63
00:02:45,067 --> 00:02:47,310
"Your Cyber Path" is a podcast that provides you
64
00:02:47,310 --> 00:02:49,410
with advice from experienced hiring managers
65
00:02:49,410 --> 00:02:51,870
and seeks to make you irresistible to hiring managers
66
00:02:51,870 --> 00:02:54,060
inside of the cybersecurity industry.
67
00:02:54,060 --> 00:02:56,250
In addition to listening to our free podcast,
68
00:02:56,250 --> 00:02:57,930
you can also sign up for our mentor notes
69
00:02:57,930 --> 00:03:00,090
at yourcyberpath.com.
70
00:03:00,090 --> 00:03:02,340
This free email newsletter is designed to help
71
00:03:02,340 --> 00:03:05,460
people like you transform into cybersecurity professionals
72
00:03:05,460 --> 00:03:07,260
by sharing our best tips, tricks,
73
00:03:07,260 --> 00:03:10,140
and stories by email every other week.
74
00:03:10,140 --> 00:03:13,080
So if you are trying to make a career change
75
00:03:13,080 --> 00:03:16,320
into the highly in-demand cybersecurity industry,
76
00:03:16,320 --> 00:03:18,960
or if you're just trying to get promoted
77
00:03:18,960 --> 00:03:21,510
from an individual contributor role
78
00:03:21,510 --> 00:03:25,260
into a supervisory or executive position,
79
00:03:25,260 --> 00:03:28,500
I recommend checking out "Your Cyber Path" today
80
00:03:28,500 --> 00:03:30,030
so that we can help you
81
00:03:30,030 --> 00:03:32,190
develop not just your own action plan,
82
00:03:32,190 --> 00:03:34,980
but your own cyber path.
83
00:03:34,980 --> 00:03:36,780
And if you're a cybersecurity professional
84
00:03:36,780 --> 00:03:38,880
who needs to obtain their industry certifications
85
00:03:38,880 --> 00:03:40,680
to continue advancing in your career,
86
00:03:40,680 --> 00:03:42,360
we have you covered there, too.
87
00:03:42,360 --> 00:03:45,240
Come over to diontraining.com where we have numerous courses
88
00:03:45,240 --> 00:03:46,890
to help you earn your certifications,
89
00:03:46,890 --> 00:03:49,253
including your CompTIA Security+, CySA+,
90
00:03:50,474 --> 00:03:52,830
PenTest+, and CASP+ certifications,
91
00:03:52,830 --> 00:03:54,780
as well as the entire ideal career path
92
00:03:54,780 --> 00:03:56,820
to help you stand out from the crowd.
93
00:03:56,820 --> 00:03:59,190
If you use the coupon code UDEMY at checkout,
94
00:03:59,190 --> 00:04:01,080
you're also going to get an exclusive discount
95
00:04:01,080 --> 00:04:02,850
on any of our certification courses
96
00:04:02,850 --> 00:04:05,610
and test vouchers over at diontraining.com
97
00:04:05,610 --> 00:04:09,210
as a special thank you for joining us in this RMF course.
98
00:04:09,210 --> 00:04:11,730
So once again, congratulations on making it
99
00:04:11,730 --> 00:04:12,960
to the end of the course.
100
00:04:12,960 --> 00:04:14,490
We wish you the best as you begin to use
101
00:04:14,490 --> 00:04:16,020
the NIST Risk Management Framework
102
00:04:16,020 --> 00:04:18,720
in your own organization to better prepare your systems
103
00:04:18,720 --> 00:04:20,880
and to mitigate the threats and vulnerabilities
104
00:04:20,880 --> 00:04:22,560
facing your organization.
105
00:04:22,560 --> 00:04:23,547
We hope you enjoy the course
106
00:04:23,547 --> 00:04:25,200
and we look forward to seeing you again
107
00:04:25,200 --> 00:04:27,600
in a future course as you continue to climb upwards
108
00:04:27,600 --> 00:04:29,220
in your career in cybersecurity,
109
00:04:29,220 --> 00:04:31,520
vulnerability management, and risk management.
110
00:04:33,002 --> 00:04:34,991
(intense music)