[Carlos Martes]

For this lesson, I chose to focus on NIST Cybersecurity Framework and ISO.IEC 27001, since both are widely used to strengthen an organizations security posture. The NIST CSF is built around five core functions which are identity, protect, respond and recover. It gives organizations a clear roadmap for understanding risks, setting controls and improving security overtime. One thing i appreciate about NIST is that it is flexible and can be adapted to different environment,, whether government or private sector. ISO 27001 on the other hand, is an international standard that focuses on building information security management system. It emphasis continuous improvement, documentation and management. Organizations that follow ISO 27001 often seek certification to show that their security practices meet global standards. Both frameworks complement each other by promoting structured security processes and stronger risk awareness.