NO MONKEY Security Matrix
The NIST Cybersecurity Framework
The NIST CSF provides guidance on how organizations can assess and improve their ability to prevent, detect, and respond to cyber-attacks. The main focus is prioritizing and managing cybersecurity risk. It has five main functions, with 23 categories to narrow down on specific cybersecurity topics. The functions, which are shown in our matrix and presented on the NIST website, are the following:
IdentifyDevelop an organizational understanding to manage cybersecurity risk to systems, people, assets, data, and capabilities.
ProtectDevelop and implement appropriate safeguards to ensure delivery of critical services.
DetectDevelop and implement appropriate activities to identify the occurrence of a cybersecurity event.
RespondDevelop and implement appropriate activities to take action regarding a detected cybersecurity incident.
RecoverDevelop and implement appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity incident.
The functions provide an overview of what each course and training will be about. We reference the categories to help define the learning goals in each lesson. This helps focus the learning goals, so each person can learn what is important to them without having to go through long courses with information they already know.
To learn more about the NIST CSF, you can read about it here.
The IPAC Model
Since the NIST CFS is not specifically designed for SAP, we have come up with these four different security areas to focus the security topics to an SAP application. The areas are;
IntegrationFocus of different integration scenarios within SAP systems themselves, as well as third-party tools integrating with an SAP environment.
PlatformConsideration of the vulnerabilities, hardening, and configuration of the SAP software.
AccessConsideration of access control and user authorizations measures and methodologies of SAP software.
CustomizationConsideration of the customization of SAP software - including change management, custom code, business customizing, legacy interfaces, and add-ons.
Applying the Matrix
The matrix is the basis for our courses and our classroom trainings. All of our lessons fall within one of the cross-sections. Not only is it is easier for you to know exactly what each course is going to cover, but it allows you to decide what courses fit your lesson plan without having to read long descriptions.
We also use this to show what areas within your company are the strongest and what could use more attention. Interested in seeing how? Contact us, and we can show you how to apply the matrix to your company!
Pricing
We offer a token-based payment system that you can use for all of our service offerings. We call these credits Kujamebls (qwee-yahm-bells). read moreContact Us
Fill out this form and we will reach out to you personally. read moreVirtual Classroom Trainings
All the benefits of a classroom training from the comfort of your own desk! Sign up today. read more