Learn to identify, protect, defend, and recover from cyber incidents

The NIST 2.0 Cybersecurity Framework delivers clear guidance on applying the gold standard NIST framework in complex, real-world situations. Drawing on her extensive cybersecurity research and reporting, author Cynthia Brumfield explains how to identify risks, defend against threats, and recover from incidents using compelling case studies.

The book examines high-profile incidents, including Microsoft’s Midnight Blizzard attack, the Ticketmaster data breach, and the Columbus ransomware incident, to illustrate NIST functions, and inform readers on how to create asset inventories, implement protective measures, detect suspicious activity, respond to incidents, and establish governance policies. Each chapter provides implementation examples, references, and demystification of NIST framework controls for securing assets and managing risks.

The book includes:

• Real-world case studies from Microsoft, Ticketmaster, MGM Resorts and Caesars Entertainment, and other organizations that illustrate practical applications of the NIST framework
• Implementation guidance covering all six NIST functions: Identify, Protect, Detect, Respond, Recover, and Govern
• Chapter summaries and quizzes that reinforce learning objectives and help readers assess their understanding
• Clear and concise explanations of how to achieve the outcomes articulated across the NIST categories and subcategories

Whether you’re a student, organizational decision-maker, IT professional, public or private cybersecurity worker, or government contractor, this book provides the practical knowledge needed to implement the NIST 2.0 Framework effectively. You’ll learn from real-world failures and successes to build a robust cybersecurity program.

CYNTHIA BRUMFIELD is a veteran technology and communications industry writer, analyst, and publisher who now focuses exclusively on cybersecurity. She publishes a leading cybersecurity news destination, Metacurity.com, and is the author of Cybersecurity Risk Management. She has also written extensively for cybersecurity publications including CSO Online and Cyberscoop. Her work has won numerous AZBEE awards from the American Society of Business Publication Editors and The Folio: Eddie & Ozzie Awards.