Yet another day in the life of a security consultant. COO (and vCISO at ‘Client’): We should do NIST CSF assessments. Make it so.Me and Team: Got it! Here we go, who will be the first client?COO: We’ll be the first client!Me: Great!Me: - Reminder: No wrong answers! The whole point is to see what you have in place when compared to the various domains and controls/requirements identified by NIST.COO: WOAH WOAH WOAH this is NOT what I wanted. This scope is too broad! We gotta pare this down.Me: …#nist #csf #framework #assessment #justdoit
