Framework Mapping Project

Discover how our innovative framework mapping can transform your approach to cybersecurity, providing clarity and direction in a complex landscape.

This project started as a practitioner, frustrated with not knowing which tools, and which functions of those tools, served a particular control or safeguard. It was an idea that at first served the Center for Internet Security (CIS) critical controls and its 153 safeguards. 

By working with the brilliant minds at CIS, this visual document was born in an effort to find the “taxonomical elements” of each safeguard. In essence, what is the 1 thing being asked of me, and what are all the parts that are overtly spoken towards in the guidance text? 

Our goal now is to continue finding the “Sameness” between safeguards and frameworks, and more imporantly the differences between frameworks. This will allow more understanding universally which tool, configuration, process, automation, etc; serves which safeguard, control, or requirement; on which framework. AND what changes will I need to make to cross from one to another to meet varying contractual and regulatory security capabilities.