Expel unveils updated NIST CSF 2.0 Getting Started Toolkit

Popular guide and self-scoring spreadsheet aid organisations in charting a course for continuous cybersecurity program improvement.

  • Thursday, 14th March 2024 Posted 1 year ago in by Phil Alsop

Expel has unveiled the updated version of its National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) Getting Started toolkit. The kit, which includes a “getting started” guide and a self-scoring spreadsheet, helps security leaders and operators assess their cybersecurity postures, aligned with the recently released version 2.0 of the NIST CSF.

“Over the last decade, the NIST CSF has been a critical tool for companies in determining their cybersecurity readiness and assessing where they can improve—and version 2.0 expands on that foundation,” said Greg Notch, Chief Information Security Officer, Expel. “Even the strongest security programs have room for improvement. Our NIST CSF kit makes it easy for security teams to understand the latest updates to the framework, and provides up-to-date resources to better understand how their programs and controls rate across critical security functions.”

A recent research study conducted by the SANS Institute (sponsored by Expel) found that almost three-quarters (74%) of companies that use a framework use the NIST CSF. Version 2.0 of the frameworks expands on the previous iteration, introducing a new “Govern” function that offers a better understanding of how to prioritise investments to improve risk posture across the CSF’s other function areas—Identify, Protect, Detect, Response, and Recover. The latest update also adds Framework Tiers, which characterise the typical rigour of cybersecurity risk governance and management practices throughout an organisation.

Expel’s NIST CSF guide helps security leaders and operators understand how to approach the framework and make sense of its functions, categories, subcategories, and tiers. The self-scoring spreadsheet allows users to evaluate their current, future, and goal states for each outcome in the CSF, while also offering clear charts for resource allocation guidance.

Notch continues: “The recommendations in the NIST CSF are designed to be easy to understand and implement, but can seem intimidating to those folks who are assessing their orgs with it for the first time. This kit makes it simple for teams to complete their initial assessments using the new framework in just a couple of hours. More importantly, it sets up teams to conduct future assessments at regular intervals so they can focus on continuous improvement.”

The structured program helps channel partners assess where to start their AI journey and enhances their AI competitiveness in the evolving digital...
Extended options, automated approvals, and a seamless funding experience provide partners with more ways to address new business opportunities.

Vortex 6 and Jigsaw collaborate

Posted 1 day ago by Phil Alsop
Vortex 6, a leader in enabling Cisco partners to maximize their vendor relationships, has formed a strategic partnership with Jigsaw Advisory Ltd, a...

virtualDCS strengthens leadership team

Posted 3 days ago by Phil Alsop
Cloud hosting and cyber resilience specialist virtualDCS has unveiled a new senior leadership team as it enters its next major growth phase, backed...

Bitdefender and Techs + Together partner

Posted 5 days ago by Phil Alsop
Bitdefender and Techs + Together, a global managed service provider (MSP) community designed to empower MSPs through collective knowledge and shared...
Research revealed at Coterie Connect event highlights shifting team structures, evolving skills priorities, and urgent training needed for partner...

HP 'turbocharges' partner growth

Posted 1 week ago by Phil Alsop
Introduces new partner compensation booster, expands Amplify AI program and exceeds sustainability targets.

Global Switch expands global sales network

Posted 1 week ago by Phil Alsop
Global Switch has formed a partnership with AI and cloud solutions provider AVANT, bringing the company’s portfolio of low latency, network dense...