Explore the cybersecurity frameworks that can be used to develop and implement cybersecurity policies, including policies for cloud platforms. You must pay closer attention to the compliance side of cybersecurity by examining the similarities and variations between compliance frameworks. Some frameworks allow organisations to implement a standardised procedure to help deal with or mitigate cyber attacks. One thing that an organisation shouldn’t do is make up its own security framework.
The links to the main sites are provided below for your research. Some of the most reliable frameworks we must look at include:
(ISC)2 Common Body of Knowledge (CBK)
ISO 27001/27002 Version 2013
ISO 27001/27002 Version 2005
NIST SP800-53 Revisions 3 and 4
NIST Cybersecurity Framework – NIST is the U.S. Department of Commerce’s National Institute of Standards and Technology. The NIST Cybersecurity Framework helps businesses of all sizes better understand, manage, and lower their cybersecurity risk and protect their networks and data.
Department of Homeland Security Cyber Resilience Review (DHS CRR)
Council on CyberSecurity Critical Security Controls (SANS 20)
Australian DSD Strategies to Mitigate Targeted Cyber Intrusions
PCI DSS Versions
HIPAA Security Rule
HITRUST Common Security Framework (CSF)
NERC CIP Cyber Security Version 5
NERC CIP Cyber Security Version 3