31. A Brief History of NIST Guidance

ISO 27001, CMMC, NIST 800-53…   Keeping track of the myriad security guidelines can be tricky.   Especially when you don’t know the “why” behind them.    To help clear things up, in this episode, I speak with the preeminent expert on NIST guidelines, Dr. Ron Ross, Fellow at National Institute of Standards and Technology, and learn not just what the guidelines are — but how and why they came to be that way.    Ron and I discuss:   - The “Why” behind NIST guidance   - How certification standards like ISO 27001 relate to NIST 800-53 and map to each other   - How NIST balances policy and technical-level considerations   To hear this episode, and many more like it, you can subscribe to The Virtual CISO Podcast here.   If you don’t use Apple Podcasts, you can find all our episodes here.  

Om Podcasten

The Virtual CISO Podcast is a frank discussion that provides the very best information security advice and insights for Security, IT and Business leaders. If you’re looking for the latest strategies, tips, and trends from seasoned information security practitioners, want no-B.S. answers to your biggest security questions, need a perspective on how your peers are addressing the same issues, or just simply want to stay informed and proactive, then welcome to the show. Our moderator, John Verry, chats with industry thought leaders to ensure you have what you need to be confident in your security and compliance. John will keep you informed, and perhaps even mildly entertained, through topics like ISO 27001, breach avoidance, incident response, dealing with pesky security questionnaires, data privacy, and managing vendor risk. Think of it as security… with a smile.