Leading Cyber Security Frameworks and Standards
Lloyds Banking Group reports an estimated cost of $400 billion in global cyber attacks annually, and no one is immune. Some of the organizations that you would think are most secure, like the Israeli Power Grid Authority and the Irish National Lottery, were cyber attack victims in 2016. News organizations like BBC and CNN were also not immune. With hacking and global cyber attacks becoming ongoing issues, employers need to hire cyber security experts well versed in the latest standards, frameworks and protocol.
What Should You Know About Cyber Security Frameworks?
Users need improved analytics capabilities to determine their vulnerabilities to attack. Using these advanced capabilities will help organizations better understand the risks associated with non-compliance or any compliance gaps. What does compliance mean in this context? It refers to the cyber security frameworks and standards being used by organizations on a global scale. Here are just a few:
- The National Institute of Standards and Technology Cybersecurity Framework (NIST) was released in February 2014 and helps companies and government organizations by providing a set of best practices, and leading taxonomy in cyber security. This framework has been used in the U.S. and abroad to help organizations assess the maturity level of their current cyber security practices and to advance toward meeting cyber security goals.
- The international standard value-at-risk model provided by The Open Group, known as Factor Analysis of Information Risk (FAIR), supports those using NIST CSF to assist in measuring risk and prioritizing control improvements as they relate to the financial aspects of their organization or agency.
The Application of Cyber Security Frameworks
According to the NIST and (FAIR), organizations need to answer the following questions:
- What is our level of risk?
- What activities are important and need to be prioritized?
Standardized best practices and frameworks like those explained above can help businesses and agencies better assess cyber security risks and therefore implement effective cyber security measures that safeguard data and financial details.
If you are interested in cyber security and learning more about important frameworks, visit Maryville University’s online cyber security master’s degree program.
Sources
http://www.bbc.com/news/technology-35376327
http://thehackernews.com/2016/01/power-grid-cyberattack.html