NIST recently released the draft Privacy Framework to help organizations manage risk imposed by holding and processing privacy data. This session shares lessons learned during the journey to develop the Privacy Framework and how it can be used along with the NIST Cybersecurity Framework.
In 2018, NIST initiated a year long process for collaborating with industry to define a framework to help identify, assess, manage, and communicate privacy risks and to increase trust in products and services. This session will discuss the components of the Privacy and Cybersecurity Frameworks and help attendees understand how to leverage the composite knowledge captured by the frameworks to gain efficiencies. Additionally, the session will review use cases, aligned to the frameworks, to demonstrate how organizations can leverage the guidance and implementation steps to understand and improve their cybersecurity and privacy programs.
- Identifying the appropriate risk-informed program for your organization
- How the Privacy Framework helps organizations manage privacy risks
- How the Cybersecurity Framework helps organizations manage cybersecurity risks
- Analyze the objectives and outcomes described in the Cybersecurity and Privacy Framework Cores
- Understand the process leveraged by NIST to develop the new Privacy Framework
Technical Level: Low