Follow on Google News News By Tag Industry News News By Location Country(s) Industry News
Follow on Google News | Information Security Forum Releases Standard of Good Practice 2014Annual Update Provides Guidance on the Implementation of the NIST Cybersecurity Framework
By: Information Security Forum “With the newly created mapping between the NIST Cybersecurity Framework and The Standard, ISF members can now determine which of their current controls satisfy the corresponding control objectives in the NIST Cybersecurity Framework, and thus demonstrate their alignment with it,” said Steve Durbin, Managing Director, ISF. “Using the NIST Cybersecurity Framework, together with The Standard and other information risk management tools, enables organizations of all sizes to effectively demonstrate to their stakeholders the progress they’ve made in building a robust cyber resilience approach.” As cybersecurity increasingly becomes a national security issue, governments are taking a more active role in defining responses to cyber threats. In an initiative to respond to an executive order issued by President Barack Obama, NIST has released the first version of its Cybersecurity Framework for Improving Critical Infrastructure Cybersecurity. The framework comprises five functions of cybersecurity activity, with a strong focus on incident response. These functions are further divided into categories, which correspond to various domains of information security; and subcategories, which express various outcomes or control objectives within these domains. “Although the NIST Cybersecurity Framework is voluntary and intended for guidance rather than as a formal standard, one of its goals was to provide security practitioners with a common language for cybersecurity,” Updated annually to reflect the latest findings from the ISF’s research program, input from global member organizations, trends from the ISF Benchmark and major external developments including new legislation and other requirements, The Standard is used by many global organizations as their primary reference for information security. The Standard addresses the rapid pace at which threats and risks evolve and an organizations’ Available at no cost to ISF member companies, The Standard can also be purchased by non-members. For more information on The Standard or any aspect of the ISF, please contact Steve Durbin at steve.durbin@ About the Information Security Forum Founded in 1989, the Information Security Forum (ISF) is an independent, not-for-profit association of leading organizations from around the world. It is dedicated to investigating, clarifying and resolving key issues in cyber, information security and risk management and developing best practice methodologies, processes and solutions that meet the business needs of its Members. ISF Members benefit from harnessing and sharing in-depth knowledge and practical experience drawn from within their organizations and developed through an extensive research and work program. The ISF provides a confidential forum and framework, which ensures that Members adopt leading-edge information security strategies and solutions. And by working together, Members avoid the major expenditure required to reach the same goals on their own. Further information about ISF research and membership is available from www.securityforum.org End
Account Email Address Account Phone Number Disclaimer Report Abuse
|
|