In addition to ISO 27001, NIST Cybersecurity Framework (CSF) has become one of international well-known cybersecurity standards. As an integrative assessment framework for cybersecurity maturity, CSF covers a wide range of IT, cybersecurity, risk management, R&D, supply chain, facility management, and PR departments. We will share CSF working practices from the perspective of third-party assessment and discuss common implementation challenges from the CSF project expereinces.
With over 15 year working experiences, Bright Wu has developed integrated resiliency and recovery practices through cybersecurity, disaster recovery planning (DRP), and business continuity planning (BCP) in a highly vulnerable business environment. Over past three years, Bright Wu was highly invloved with drafting the semiconductor cybersecurity standards at SEMI Taiwan. In addition, he takes a role of NIST CSF assesement consultant and integrate IT, cyberseuciry and OT based on multiple specification standards such as IEC 62443.