Good afternoon everyone!
Seemless Transition LLC (STLLC) is making waves! With this first blog post, we are excited to announce a few new updates to both our portfolio of tools and our community outreach program. Stay tuned to this space for more information on the happenings of STLLC, we have lots of plans in store! Let’s dive in.
New Tool!
STLLC already offers an assortment of tools which provide easy to navigate views of popular standards frameworks. Head over to our tools page to check them out. In addition to our initial offering, we are adding a whole new category of tool: a NIST Cybersecurity Framework (CSF) Profile. For those who may not be familiar or need a brush up on what the CSF is and how it helps organizations organize and communicate cybersecurity risk management activities, check out the New to Framework section of the NIST site.
The brand new CSF Profile was created by STLLC and provides organizations a way to align to the recent White House Fact Sheet on Cybersecurity. The Fact Sheet is high level guidance on how organizations can safeguard their systems against growing cybersecurity risks in the wake of the recent sanctions imposed on Russia. STLLC applauds the administration for creating this Fact Sheet and agrees that taking additional steps to protect key assets against cyber threats abroad is a prudent choice for all organizations. To help give organizations a head start, the CSF Profile aligns the Fact Sheet to the common standard of the CSF Core subcategories. By linking the guidance from the White House to internal program outcomes, organizations can ensure they are doing what is needed to safeguard their networks, data, and services.
STLLC is proud to offer this profile as a contribution the open source cybersecurity ecosystem. Download your copy at our profile page. If your organization is interested in learning more about how to implement the profile, starting your cybersecurity program, or looking to take your cybersecurity risk management to the next level, email seemlesstransitionllc [at] gmail [dot] com. We would be happy to help your organization take the next step in its transition towards your vision of the future.
Community Outreach
STLLC is committed to participating in, and contributing to, the overall cybersecurity ecosystem. The open source tools we provide are a start to that effort. Another factor in the community outreach is working with our government partners to develop the best resources and guidance. One way STLLC interacts with the public private partnership process is by providing subject matter expertise in Requests for Information (RFI). NIST recently issued an RFI relating to the update of the NIST CSF and Cybersecurity Supply Chain Risk Management. STLLC is proud to have submitted comments to the RFI which were posted publicly. Head over to NIST’s RFI response site to review our comments.
As a high level summary, STLLC is excited to see the process begin for updating the CSF. The last CSF update was in 2018 and cybersecurity risk management space has evolved since that time. STLLC believes in making much needed changes to the CSF in an effort to stream line the document as well as integrate the document with other NIST guidance. With a major change potentially on the docket, now is the time to be bold and ensure the CSF is ready to meet the challenge of the evolving cybersecurity threat landscape. STLLC is committed to working with NIST through the CSF update process.
We at STLLC are looking forward to working with our partners in the public and private sectors to continue strengthening our collective cybersecurity ecosystem.
Best,
Matthew Smith