Hi Devon,
We are planning to kick-off the project the coming Wednesday during the CCM call (see Events here in Circle for call info to join us).
Thank you for the support.
Looking forward to working with you.
Best regards,
Lefteris
------------------------------
Eleftherios Skoutaris
Program Manager
Cloud Security Alliance
------------------------------
Original Message:
Sent: Oct 22, 2022 12:34:06 PM
From: Devon Artis
Subject: CCMv4.0 - NIST CSFv1.1 Mapping (Call for participation)
I did help on a mapping once before but I would like to take some time to go through on boarding just in case something has changed.
------------------------------
T. Devon D. Artis
Cloud Security & Risk Architect/DevSecOps Lead
Divine Digital Transformation
Original Message:
Sent: Oct 21, 2022 05:29:45 AM
From: Eleftherios Skoutaris
Subject: CCMv4.0 - NIST CSFv1.1 Mapping (Call for participation)
Dear members,
CSA and the CCM WG would like to embark on a new mapping project that involves a mapping and gap analysis between the CCM v4.0 and NIST CSF v1.1. The project is expected to kick-off during the CCM WG call of next Wednesday, Oct. 26th.
The objective of the project is the requirements comparison of the 2 frameworks. In this way an opportunity is provided for cloud organizations to identify the equivalent (overlapping) security requirements between the two, and more importantly the missing (deltas) cloud-specific CCM security requirements in NIST CSF, especially when seeking to integrating these with their cloud security and compliance programs.
In this respect, CSA, and under the umbrella of the CCM WG, would like to put together a team of experts, who have good experience in the implementation/assessment of NIST cyber sec. frameworks, in particular CSF, and/or CCMv4 framework's security controls.
Should you be interested in participating in the project, please contact me and I will walk you through the on-boarding process and mapping methodology.
Best regards,
------------------------------
Eleftherios Skoutaris
Program Manager
Cloud Security Alliance
------------------------------