Join the social network of Tech Nerds, increase skill rank, get work, manage projects...
 
  • CYBER SECURITY AND ITS FRAMEWORKS

    • 0
    • 0
    • 0
    • 0
    • 0
    • 0
    • 0
    • 0
    • 225
    Comment on it

    Cybersecurity

     Many companies domestic or global follow several sets of rules, policies, standards, and practices to securely transfer data. This is an evolving arena. Protection of integrated systems and network interfaces is the prime objective of Cybersecurity. Regulation of unauthorized access and elimination of threats caused by hackers, malware, and viruses to the information is a challenge as the new face of Technology emerges every second and handling it responsibly requires a great gradual effort. To learn cybersecurity very easy Task.

     

    Cybersecurity framework

    The framework is the structural unit as the name indicates it is the skeleton depending on which different complex variants can be built. Cyber Security framework is the basic processes which include the rules and guidelines to be followed while designing security for information. There are several different frameworks depending on the type of company and the complexity of operation.

     

    List of Cyber Security frameworks

     NIST : National Institute of Standards and Technology.

    • Developed by the fusion of wide expertise from varied organizations for sensitive systems and privacy for civilians. Top class Cyber Security professionals thrived to formulate regulatory norms.

    • These standards were documented initially aiming for the federal government, but later most of it was followed by the private organizations also.

    • Define risk and ways to access and resolve security conflicts. The communication system was widely improved for supporting the individuals in operating the organizations.

    • Evolving measures to be taken in maintaining security standards and stop cyber attacks.

    • Identifying the threat, protecting from threat, Detecting where the threat occurred, Responding to the threat and Recovering the data are focus issues.

     

    C:\Users\DELL\Desktop\NIST-Cyber-Framework-2-695x437.png

     

     COBIT

     Control Objectives for Information and Related Technologies.

    • It is the security framework associated with IT management system that relates to controlling the flow of information. The control structures are formulated and managed by COBIT.

    • Organizes the practices followed by IT domains and processes required for governance of business.

    • Processes are standardized and briefly described. A model for functioning and practicing the methods are made common for every organization.

    • These processes help in planning, monitoring, building and running the organization following the standard structures.

    • Gives the ability to effectively control the functionality of IT process in every management system.

     

    C:\Users\DELL\Desktop\cobit.png

     

     

    ISO/IEC

    These standards are filed as ISO/IEC 27001:2013 for protection of information technology, standard processes to formulate security protocols and risk management system.

    These standards are set under International Standards Organization(ISO) and International Electrotechnical Commission(IEC

    • The British Standard BS 7799 was later changed to ISO/IEC 27001:2013.

    • Global in use and serves as a guide to implement the security management standards.

    • Regulate cybersecurity norms, gaining control over access to information transfer.

    • Mandatory regulations to be implemented in IT Access management and Encryption and decryption procedures.

    • Implement security controls in the organization.

     

    NERC

     The North American Electric Reliability Corporation.

    • This corporation majorly focuses on reliability and stable performance. 

    • The standards were initially applied to electric corporation grids which we later carried forward by other industries.

    • Checking for new patches in the system is done once in every 35 days. After identifying a new patch; its capacity is evaluated and its mitigation and installation activities should be completed in 35 days later to its assessment completion.

    • These protocols are employed in securing of electric systems in bulk but also    provides support for standardizing industry processes

     

    C:\Users\DELL\Desktop\nerc.png

     

    TCCYBER

     The Technical Committee on Cyber Security

    • Telecommunication standards were improved in the European zone initially which was then spread rapidly globalizing it.

    • Privacy and security are of major concern for which TCCYBER relates itself.

    • It maintains a global standard of Cyber Security and also does provide a center for expert help for other major ETSI committees.

    • Guiding infrastructure operators, educating the developers and end users.

    • Guidelines are available globally for free. Thus playing the main role in establishing standards and regulations in the telecommunication industry.

     

     HIT

     The Health Information Trust Alliance.

    • Formulated by an individually operating private sector organization.

    • Focuses majorly on development and implementation of standard procedures in the business, Cyber Security, and healthcare industry.

    • Harmonizing and including other regulatory standards such as ISO, NIST, PCI, HIPAA and State laws.

    • Factors of scaling depend on type, expansion and operational behavior of an organization. Iterates and evolves control structures.

     

    Conclusion

     The choice of  Cybersecurity framework must be made by analyzing the norms tailored as per the functional complexity of an organization.

 0 Comment(s)

Sign In
                           OR                           
                           OR                           
Register

Sign up using

                           OR                           
Forgot Password
Fill out the form below and instructions to reset your password will be emailed to you:
Reset Password
Fill out the form below and reset your password: