ACUA

Advancing Auditing in Higher Education

Adapting to NIST CSF 2.0: Navigating Changes and Challenges in Higher Education

Adapting to NIST CSF 2.0: Navigating Changes and Challenges in Higher Education

Thursday, October 17, 2024 12:00 PM - 1:00 PM CT

Presentation Slides: Click Here to Download

Since the National Institute of Standards and Technology (NIST) published the first version of the Cybersecurity Framework (CSF) in 2014, many organizations have implemented the framework to guide and improve their cybersecurity program. In the last decade, evolving cyber threats and the wide adoption of the framework by all organizations has led to NIST publishing CSF version 2.0. In this webinar, we will explore the challenges of implementing NIST CSF in higher education, major changes from version 1.0 to 2.0 and associated impacts, and how higher education institutions can audit using the updated version of NIST CSF. 

After attending this webinar, participants will be able to...

  1. Explore the challenges of implementing NIST CSF in higher education.
  2. Understand the changes and impacts of the NIST CSF version update.
  3. Learn how institutions can conduct audits using the new version of NIST CSF.


Delivery Method: Group Internet
Field of Study: Information Technology
Advance Preparation: None
Prerequisites are required: No
Cost: Free for members; $25 for non-members
Recommended CPEs: 1

 

Speaker Information

Amanda Vellocido
Manager, Risk Advisory
Baker Tilly Advisory Group, LP
 

Amanda Vellocido is a Manager, Certified Public Accountant (CPA), and Certified Information Security Auditor (CISA) with Baker Tilly Advisory Group. LP, a national accounting and advisory firm, within the Risk Advisory Practice located in Tysons, Virginia. She has experience providing cybersecurity and IT regulatory compliance assessments (e.g., NSPM-33, CMMC, HIPAA, HITRUST, FISMA, NIST, OMB A-123, CMMC, IT SOX), risk assessments, internal control reviews, and process reviews to assist organizations in achieving their internal audit objectives and enhance their cybersecurity posture. Her clients have included higher education institutions, not-for-profit organizations, and research institutions.
 
Morgan Mincy
Manager, IT and Cyber Risk Consulting
Baker Tilly Advisory Group, LP
 

Morgan Mincy is a Manager with Baker Tilly, a national accounting and advisory firm, within the Risk Advisory practice. She has experience providing cybersecurity and IT control assessments (e.g., CMMC, NIST, CSC CIS), risk assessments, internal control reviews, cybersecurity assessments, and process reviews to assist a variety of organizations large and small in achieving their internal audit objectives and enhancing their overall cybersecurity posture. Her clients have included primarily higher education institutions, research institutions, government contractors, and not-for-profit organizations. Morgan is a Certified Public Accountant (CPA) and Certified Information Security Auditor (CISA).

 

Download Presentation Slides