ISO, NIST, CMMC — if the alphabet soup of cybersecurity frameworks has you confused, we’ve got you covered. In the latest episode of the Faegre Drinker on Law and Technology Podcast, host Jason G. Weiss chats with guest Jim Watkins, former deputy laboratory director in the FBI’s Orange County Crime Lab and current certified technical assessor for the ANSI National Accreditation Board, about some of the more prominent cybersecurity frameworks, the process of cybersecurity assessments, how compliance issues are addressed, and what’s the difference between self-assessment, self-certification, and accreditation, and how a skilled attorney can make all the difference in getting accredited.
The podcast covers a number of questions, including:
- The difference between common cybersecurity frameworks, ISO, NIST and CMMC
- How cybersecurity assessments work, and why a pre-assessment helps eliminate surprises
- How compliance issues are addressed
- The difference between self-assessment, self-certification, and accreditation
- Why working with an attorney can help clients with a more successful, timely accreditation process