After a few months off, the waves are back.
The new year is starting where we left off last year: creating Online Informative References (OLIRs). As we posted a few months ago, OLIRs are the way in which NIST allows security practitioners to assert relationships between elements of frameworks, standards, or best practices.
Previously we had created an OLIR connecting the ISO/IEC 27001(2013) standard to the CSF v1.1. This OLIR will help implementers find synergies within their CSF v1.1 implementation as well as organize their ISO/IEC 27001 risk management activities.
Today we are announcing the release of a suite of ANSI/ISA 62443 OLIRs on our website. These OLIRs serve a similar purpose as our ISO/IEC 27001 OLIR: finding synergies. However, these OLIRs branch into a different standard set and in conjunction with previous OLIRs, create additional synergies and organization structures to further optimize your cybersecurity risk management programs.
We plan on continuing our government outreach program by submitting these ANSI/ISA OLIRs to the NIST program for review and approval. Additionally, we have started work on a few new OLIRs, this time featuring the Secure Software Development Framework (SSDF). Stay tuned to have more organized structures on both the cybersecurity risk management front, as well as secure development.
Have an idea for OLIRs or other resources you would like to see from us? Drop us a comment!