[Script Info]
Title: 
[Events]
Format: Layer, Start, End, Style, Name, MarginL, MarginR, MarginV, Effect, Text
Dialogue: 0,0:00:00.84,0:00:03.84,Default,,0000,0000,0000,,foreign
Dialogue: 0,0:00:19.52,0:00:21.36,Default,,0000,0000,0000,,introduction to cyber security
Dialogue: 0,0:00:21.36,0:00:25.14,Default,,0000,0000,0000,,Frameworks in today's digital age cyber
Dialogue: 0,0:00:25.14,0:00:27.12,Default,,0000,0000,0000,,security has become a top priority for
Dialogue: 0,0:00:27.12,0:00:29.88,Default,,0000,0000,0000,,individuals and organizations alike with
Dialogue: 0,0:00:29.88,0:00:31.68,Default,,0000,0000,0000,,the increasing number of cyber threats
Dialogue: 0,0:00:31.68,0:00:33.72,Default,,0000,0000,0000,,and attacks it is essential to have a
Dialogue: 0,0:00:33.72,0:00:35.52,Default,,0000,0000,0000,,comprehensive cyber security framework
Dialogue: 0,0:00:35.52,0:00:37.26,Default,,0000,0000,0000,,in place to protect sensitive
Dialogue: 0,0:00:37.26,0:00:39.42,Default,,0000,0000,0000,,information and data cyber security
Dialogue: 0,0:00:39.42,0:00:41.58,Default,,0000,0000,0000,,Frameworks provide a structured approach
Dialogue: 0,0:00:41.58,0:00:43.86,Default,,0000,0000,0000,,to managing and mitigating cyber risks
Dialogue: 0,0:00:43.86,0:00:46.44,Default,,0000,0000,0000,,by outlining best practices guidelines
Dialogue: 0,0:00:46.44,0:00:48.96,Default,,0000,0000,0000,,and standards in this article we will
Dialogue: 0,0:00:48.96,0:00:51.06,Default,,0000,0000,0000,,explore three of the most widely used
Dialogue: 0,0:00:51.06,0:00:53.40,Default,,0000,0000,0000,,cyber security Frameworks this cyber
Dialogue: 0,0:00:53.40,0:00:56.10,Default,,0000,0000,0000,,security framework ISO 270001
Dialogue: 0,0:00:56.10,0:00:58.08,Default,,0000,0000,0000,,information security management system
Dialogue: 0,0:00:58.08,0:01:00.36,Default,,0000,0000,0000,,and CIS controls for Effective cyber
Dialogue: 0,0:01:00.36,0:01:02.28,Default,,0000,0000,0000,,defense by understanding these
Dialogue: 0,0:01:02.28,0:01:03.90,Default,,0000,0000,0000,,Frameworks you can better protect
Dialogue: 0,0:01:03.90,0:01:05.52,Default,,0000,0000,0000,,yourself and your organization from
Dialogue: 0,0:01:05.52,0:01:07.38,Default,,0000,0000,0000,,cyber threats and ensure that your cyber
Dialogue: 0,0:01:07.38,0:01:09.30,Default,,0000,0000,0000,,security measures are up to par with
Dialogue: 0,0:01:09.30,0:01:10.98,Default,,0000,0000,0000,,industry standards
Dialogue: 0,0:01:10.98,0:01:15.42,Default,,0000,0000,0000,,2. this cyber security framework
Dialogue: 0,0:01:15.42,0:01:17.58,Default,,0000,0000,0000,,the nist cyber security framework is a
Dialogue: 0,0:01:17.58,0:01:19.32,Default,,0000,0000,0000,,set of guidelines and best practices
Dialogue: 0,0:01:19.32,0:01:21.42,Default,,0000,0000,0000,,designed to help organizations manage
Dialogue: 0,0:01:21.42,0:01:24.18,Default,,0000,0000,0000,,and reduce cyber security risks it was
Dialogue: 0,0:01:24.18,0:01:26.04,Default,,0000,0000,0000,,developed by the National Institute of
Dialogue: 0,0:01:26.04,0:01:28.68,Default,,0000,0000,0000,,Standards and Technology NISD in
Dialogue: 0,0:01:28.68,0:01:30.98,Default,,0000,0000,0000,,response to executive order
Dialogue: 0,0:01:30.98,0:01:33.72,Default,,0000,0000,0000,,13636 which call for the creation of a
Dialogue: 0,0:01:33.72,0:01:35.16,Default,,0000,0000,0000,,framework that would help critical
Dialogue: 0,0:01:35.16,0:01:37.26,Default,,0000,0000,0000,,infrastructure organizations improve
Dialogue: 0,0:01:37.26,0:01:40.02,Default,,0000,0000,0000,,their cyber security posture the
Dialogue: 0,0:01:40.02,0:01:41.70,Default,,0000,0000,0000,,framework consists of five core
Dialogue: 0,0:01:41.70,0:01:44.28,Default,,0000,0000,0000,,functions identify protect protect
Dialogue: 0,0:01:44.28,0:01:47.28,Default,,0000,0000,0000,,respond and recover each function is
Dialogue: 0,0:01:47.28,0:01:49.38,Default,,0000,0000,0000,,further broken down into categories and
Dialogue: 0,0:01:49.38,0:01:51.36,Default,,0000,0000,0000,,subcategories that provide more specific
Dialogue: 0,0:01:51.36,0:01:53.28,Default,,0000,0000,0000,,guidance on how to implement the
Dialogue: 0,0:01:53.28,0:01:54.54,Default,,0000,0000,0000,,framework
Dialogue: 0,0:01:54.54,0:01:56.76,Default,,0000,0000,0000,,the identify function focuses on
Dialogue: 0,0:01:56.76,0:01:58.92,Default,,0000,0000,0000,,understanding an organization's cyber
Dialogue: 0,0:01:58.92,0:02:01.68,Default,,0000,0000,0000,,security risks and vulnerabilities this
Dialogue: 0,0:02:01.68,0:02:04.14,Default,,0000,0000,0000,,includes identifying all assets systems
Dialogue: 0,0:02:04.14,0:02:06.30,Default,,0000,0000,0000,,and data that need to be protected as
Dialogue: 0,0:02:06.30,0:02:08.16,Default,,0000,0000,0000,,well as assessing the potential impact
Dialogue: 0,0:02:08.16,0:02:10.08,Default,,0000,0000,0000,,of a Cyber attack
Dialogue: 0,0:02:10.08,0:02:11.52,Default,,0000,0000,0000,,the protect function involves
Dialogue: 0,0:02:11.52,0:02:13.38,Default,,0000,0000,0000,,implementing safeguards to protect
Dialogue: 0,0:02:13.38,0:02:15.66,Default,,0000,0000,0000,,against cyber threats this includes
Dialogue: 0,0:02:15.66,0:02:17.58,Default,,0000,0000,0000,,measures such as access controls
Dialogue: 0,0:02:17.58,0:02:19.80,Default,,0000,0000,0000,,encryption and security awareness
Dialogue: 0,0:02:19.80,0:02:21.78,Default,,0000,0000,0000,,training for employees
Dialogue: 0,0:02:21.78,0:02:24.06,Default,,0000,0000,0000,,the detect function involves monitoring
Dialogue: 0,0:02:24.06,0:02:26.10,Default,,0000,0000,0000,,systems and networks for signs of a
Dialogue: 0,0:02:26.10,0:02:28.44,Default,,0000,0000,0000,,Cyber attack this includes implementing
Dialogue: 0,0:02:28.44,0:02:30.30,Default,,0000,0000,0000,,intrusion detection and prevention
Dialogue: 0,0:02:30.30,0:02:32.52,Default,,0000,0000,0000,,systems as well as conducting regular
Dialogue: 0,0:02:32.52,0:02:34.68,Default,,0000,0000,0000,,vulnerability scans and penetration
Dialogue: 0,0:02:34.68,0:02:36.06,Default,,0000,0000,0000,,testing
Dialogue: 0,0:02:36.06,0:02:38.16,Default,,0000,0000,0000,,the respond function involves developing
Dialogue: 0,0:02:38.16,0:02:40.44,Default,,0000,0000,0000,,and implementing a plan to respond to a
Dialogue: 0,0:02:40.44,0:02:42.84,Default,,0000,0000,0000,,Cyber attack this includes establishing
Dialogue: 0,0:02:42.84,0:02:45.42,Default,,0000,0000,0000,,an incident Response Team defining roles
Dialogue: 0,0:02:45.42,0:02:47.34,Default,,0000,0000,0000,,and responsibilities and developing
Dialogue: 0,0:02:47.34,0:02:49.32,Default,,0000,0000,0000,,procedures for containing and mitigating
Dialogue: 0,0:02:49.32,0:02:51.48,Default,,0000,0000,0000,,the effects of an attack
Dialogue: 0,0:02:51.48,0:02:53.70,Default,,0000,0000,0000,,finally recover function involves
Dialogue: 0,0:02:53.70,0:02:56.04,Default,,0000,0000,0000,,restoring normal operations after a
Dialogue: 0,0:02:56.04,0:02:58.62,Default,,0000,0000,0000,,Cyber attack this includes developing a
Dialogue: 0,0:02:58.62,0:03:00.72,Default,,0000,0000,0000,,business continuity plan conducting
Dialogue: 0,0:03:00.72,0:03:03.00,Default,,0000,0000,0000,,backups of critical data and ensuring
Dialogue: 0,0:03:03.00,0:03:05.04,Default,,0000,0000,0000,,that systems can be quickly restored in
Dialogue: 0,0:03:05.04,0:03:08.16,Default,,0000,0000,0000,,the event of an outage overall the nist
Dialogue: 0,0:03:08.16,0:03:10.14,Default,,0000,0000,0000,,cyber security framework provides a
Dialogue: 0,0:03:10.14,0:03:12.18,Default,,0000,0000,0000,,comprehensive approach to managing cyber
Dialogue: 0,0:03:12.18,0:03:14.34,Default,,0000,0000,0000,,security risks by following its
Dialogue: 0,0:03:14.34,0:03:15.66,Default,,0000,0000,0000,,guidelines and best practices
Dialogue: 0,0:03:15.66,0:03:17.64,Default,,0000,0000,0000,,organizations can better protect
Dialogue: 0,0:03:17.64,0:03:19.56,Default,,0000,0000,0000,,themselves against cyber threats and
Dialogue: 0,0:03:19.56,0:03:22.26,Default,,0000,0000,0000,,ensure the confidentiality integrity and
Dialogue: 0,0:03:22.26,0:03:25.56,Default,,0000,0000,0000,,availability of their sensitive data 3.
Dialogue: 0,0:03:25.56,0:03:28.56,Default,,0000,0000,0000,,ISO 27001 information security
Dialogue: 0,0:03:28.56,0:03:32.46,Default,,0000,0000,0000,,management system the iso 27001
Dialogue: 0,0:03:32.46,0:03:34.50,Default,,0000,0000,0000,,information security management system
Dialogue: 0,0:03:34.50,0:03:37.14,Default,,0000,0000,0000,,is a globally recognized framework that
Dialogue: 0,0:03:37.14,0:03:38.88,Default,,0000,0000,0000,,provides a systematic approach to
Dialogue: 0,0:03:38.88,0:03:41.34,Default,,0000,0000,0000,,managing sensitive information it
Dialogue: 0,0:03:41.34,0:03:43.20,Default,,0000,0000,0000,,outlines a set of best practices for
Dialogue: 0,0:03:43.20,0:03:45.54,Default,,0000,0000,0000,,establishing implementing maintaining
Dialogue: 0,0:03:45.54,0:03:47.40,Default,,0000,0000,0000,,and continually improving an
Dialogue: 0,0:03:47.40,0:03:49.14,Default,,0000,0000,0000,,organization's information security
Dialogue: 0,0:03:49.14,0:03:52.20,Default,,0000,0000,0000,,management system the frame work is
Dialogue: 0,0:03:52.20,0:03:54.12,Default,,0000,0000,0000,,designed to help organizations identify
Dialogue: 0,0:03:54.12,0:03:55.68,Default,,0000,0000,0000,,and manage risk to their information
Dialogue: 0,0:03:55.68,0:03:58.08,Default,,0000,0000,0000,,assets including confidential data
Dialogue: 0,0:03:58.08,0:04:00.06,Default,,0000,0000,0000,,intellectual property and customer
Dialogue: 0,0:04:00.06,0:04:02.46,Default,,0000,0000,0000,,information it also helps ensure
Dialogue: 0,0:04:02.46,0:04:05.28,Default,,0000,0000,0000,,compliance with legal Regulatory and
Dialogue: 0,0:04:05.28,0:04:07.20,Default,,0000,0000,0000,,contractual requirements related to
Dialogue: 0,0:04:07.20,0:04:08.84,Default,,0000,0000,0000,,information security
Dialogue: 0,0:04:08.84,0:04:12.30,Default,,0000,0000,0000,,ISO 27001 consists of several key
Dialogue: 0,0:04:12.30,0:04:14.52,Default,,0000,0000,0000,,components including risk assessment and
Dialogue: 0,0:04:14.52,0:04:16.56,Default,,0000,0000,0000,,treatment security controls and
Dialogue: 0,0:04:16.56,0:04:18.72,Default,,0000,0000,0000,,continuous Improvement the framework
Dialogue: 0,0:04:18.72,0:04:20.52,Default,,0000,0000,0000,,emphasizes the importance of a
Dialogue: 0,0:04:20.52,0:04:22.02,Default,,0000,0000,0000,,risk-based approach to information
Dialogue: 0,0:04:22.02,0:04:24.36,Default,,0000,0000,0000,,security which involves identifying
Dialogue: 0,0:04:24.36,0:04:26.16,Default,,0000,0000,0000,,potential threats and vulnerabilities
Dialogue: 0,0:04:26.16,0:04:28.50,Default,,0000,0000,0000,,assessing the likelihood and impact of
Dialogue: 0,0:04:28.50,0:04:30.54,Default,,0000,0000,0000,,those risks and implementing appropriate
Dialogue: 0,0:04:30.54,0:04:33.30,Default,,0000,0000,0000,,controls to mitigate them one of the
Dialogue: 0,0:04:33.30,0:04:36.18,Default,,0000,0000,0000,,strengths of iso 27001 is its
Dialogue: 0,0:04:36.18,0:04:38.58,Default,,0000,0000,0000,,flexibility the framework can be adapted
Dialogue: 0,0:04:38.58,0:04:40.38,Default,,0000,0000,0000,,to suit the specific needs of different
Dialogue: 0,0:04:40.38,0:04:42.66,Default,,0000,0000,0000,,organizations regardless of their size
Dialogue: 0,0:04:42.66,0:04:45.66,Default,,0000,0000,0000,,industry or location it can also be
Dialogue: 0,0:04:45.66,0:04:47.58,Default,,0000,0000,0000,,integrated with other management systems
Dialogue: 0,0:04:47.58,0:04:49.50,Default,,0000,0000,0000,,such as quality management or
Dialogue: 0,0:04:49.50,0:04:51.44,Default,,0000,0000,0000,,Environmental Management to create a
Dialogue: 0,0:04:51.44,0:04:53.70,Default,,0000,0000,0000,,comprehensive approach to organizational
Dialogue: 0,0:04:53.70,0:04:55.14,Default,,0000,0000,0000,,governance
Dialogue: 0,0:04:55.14,0:04:58.20,Default,,0000,0000,0000,,overall the iso 27001 information
Dialogue: 0,0:04:58.20,0:05:00.60,Default,,0000,0000,0000,,security management system is a valuable
Dialogue: 0,0:05:00.60,0:05:02.52,Default,,0000,0000,0000,,tool for organizations looking to
Dialogue: 0,0:05:02.52,0:05:04.38,Default,,0000,0000,0000,,establish a robust and effective
Dialogue: 0,0:05:04.38,0:05:06.78,Default,,0000,0000,0000,,information security program by
Dialogue: 0,0:05:06.78,0:05:08.34,Default,,0000,0000,0000,,following the framework's guidelines
Dialogue: 0,0:05:08.34,0:05:10.50,Default,,0000,0000,0000,,organizations can better protect their
Dialogue: 0,0:05:10.50,0:05:12.72,Default,,0000,0000,0000,,sensitive information reduce the risk of
Dialogue: 0,0:05:12.72,0:05:14.64,Default,,0000,0000,0000,,cyber attacks and demonstrate their
Dialogue: 0,0:05:14.64,0:05:16.62,Default,,0000,0000,0000,,commitment to security to stakeholders
Dialogue: 0,0:05:16.62,0:05:18.62,Default,,0000,0000,0000,,and customers alike
Dialogue: 0,0:05:18.62,0:05:21.72,Default,,0000,0000,0000,,4. CIS controls for Effective cyber
Dialogue: 0,0:05:21.72,0:05:24.60,Default,,0000,0000,0000,,defense the center for Internet Security
Dialogue: 0,0:05:24.60,0:05:27.72,Default,,0000,0000,0000,,Cas controls is a set of best practices
Dialogue: 0,0:05:27.72,0:05:29.88,Default,,0000,0000,0000,,designed to help organizations protect
Dialogue: 0,0:05:29.88,0:05:31.74,Default,,0000,0000,0000,,their systems and data from cyber
Dialogue: 0,0:05:31.74,0:05:34.02,Default,,0000,0000,0000,,threats the controls are organized into
Dialogue: 0,0:05:34.02,0:05:36.96,Default,,0000,0000,0000,,three categories basic foundational and
Dialogue: 0,0:05:36.96,0:05:38.46,Default,,0000,0000,0000,,organizational
Dialogue: 0,0:05:38.46,0:05:40.74,Default,,0000,0000,0000,,the basic controls include measures such
Dialogue: 0,0:05:40.74,0:05:42.72,Default,,0000,0000,0000,,as inventory and control of Hardware
Dialogue: 0,0:05:42.72,0:05:45.66,Default,,0000,0000,0000,,assets inventory and control of software
Dialogue: 0,0:05:45.66,0:05:47.76,Default,,0000,0000,0000,,assets continuous vulnerability
Dialogue: 0,0:05:47.76,0:05:49.68,Default,,0000,0000,0000,,management and controlled use of
Dialogue: 0,0:05:49.68,0:05:52.20,Default,,0000,0000,0000,,administrative privileges these controls
Dialogue: 0,0:05:52.20,0:05:53.64,Default,,0000,0000,0000,,are considered essential for any
Dialogue: 0,0:05:53.64,0:05:55.80,Default,,0000,0000,0000,,organization that wants to establish a
Dialogue: 0,0:05:55.80,0:05:58.20,Default,,0000,0000,0000,,strong cyber security posture
Dialogue: 0,0:05:58.20,0:06:00.24,Default,,0000,0000,0000,,the foundational controls build upon the
Dialogue: 0,0:06:00.24,0:06:02.16,Default,,0000,0000,0000,,basic controls and include measures such
Dialogue: 0,0:06:02.16,0:06:04.50,Default,,0000,0000,0000,,as email and web browser protections
Dialogue: 0,0:06:04.50,0:06:06.66,Default,,0000,0000,0000,,malware defenses data recovery
Dialogue: 0,0:06:06.66,0:06:08.82,Default,,0000,0000,0000,,capabilities and secure configurations
Dialogue: 0,0:06:08.82,0:06:11.70,Default,,0000,0000,0000,,for network devices these controls are
Dialogue: 0,0:06:11.70,0:06:13.56,Default,,0000,0000,0000,,designed to provide additional layers of
Dialogue: 0,0:06:13.56,0:06:16.44,Default,,0000,0000,0000,,protection against common cyber threats
Dialogue: 0,0:06:16.44,0:06:19.20,Default,,0000,0000,0000,,finally organizational controls focus on
Dialogue: 0,0:06:19.20,0:06:21.48,Default,,0000,0000,0000,,the policies procedures and training
Dialogue: 0,0:06:21.48,0:06:23.64,Default,,0000,0000,0000,,necessary to maintain an effective cyber
Dialogue: 0,0:06:23.64,0:06:26.22,Default,,0000,0000,0000,,security program these controls include
Dialogue: 0,0:06:26.22,0:06:28.02,Default,,0000,0000,0000,,measures such as security awareness
Dialogue: 0,0:06:28.02,0:06:30.36,Default,,0000,0000,0000,,training incident response planning and
Dialogue: 0,0:06:30.36,0:06:33.30,Default,,0000,0000,0000,,penetration testing by implementing the
Dialogue: 0,0:06:33.30,0:06:35.70,Default,,0000,0000,0000,,sys controls organizations can establish
Dialogue: 0,0:06:35.70,0:06:37.68,Default,,0000,0000,0000,,a comprehensive cyber security program
Dialogue: 0,0:06:37.68,0:06:40.08,Default,,0000,0000,0000,,that addresses both Technical and
Dialogue: 0,0:06:40.08,0:06:42.78,Default,,0000,0000,0000,,organizational aspects of security the
Dialogue: 0,0:06:42.78,0:06:44.76,Default,,0000,0000,0000,,controls are regularly updated based on
Dialogue: 0,0:06:44.76,0:06:47.04,Default,,0000,0000,0000,,new threats and vulnerabilities ensuring
Dialogue: 0,0:06:47.04,0:06:49.26,Default,,0000,0000,0000,,that organizations stay up to date with
Dialogue: 0,0:06:49.26,0:06:51.36,Default,,0000,0000,0000,,the latest best practices in cyber
Dialogue: 0,0:06:51.36,0:06:53.60,Default,,0000,0000,0000,,security
Dialogue: 0,0:06:54.78,0:06:57.78,Default,,0000,0000,0000,,foreign
Dialogue: 0,0:07:01.27,0:07:10.55,Default,,0000,0000,0000,,[Music]