Cyber Security Standards

Authors

  • Karen Scarfone
  • Dan Benigni
  • Tim Grance
Abstract

The goal of cyber security standards is to improve the security of information technology (IT) systems, networks, and critical infrastructures. A cyber security standard defines both functional and assurance requirements within a product, system, process, or technology environment. Well-developed cyber security standards enable consistency among product developers and serve as a reliable metric for purchasing security products. Cyber security standards cover a broad range of granularity, from the mathematical definition of a cryptographic algorithm to the specification of security features in a web browser, and are typically implementation independent. A standard must address user needs, but must also be practical since cost and technological limitations must be considered in building products to meet the standard. Additionally, a standard’s requirements must be verifiable; otherwise, users cannot assess security even when products are tested against the standard.

Similar resources

Toward an Ontology Architecture for Cyber-Security Standards

The rapid growth in magnitude and complexity of cyber-security information and event management (CSIEM) has ignited a trend toward security automation and information exchange standards. Making Security Measurable (MSM) references a collection of open community standards for the common enumeration, expression and reporting of cyber-security-related information. While MSM-related standards are v...

Standards for Cyber Security

Standards play a key role in improving cyber defense and cyber security across different geographical regions and communities. Standardizing processes and procedures is also essential to achieve effective cooperation in cross-border and cross-community environments. The number of standards development organizations and the number of published information security standards have increased in rec...

Combining Security Risk Assessment and Security Testing Based on Standards

Managing cyber security has become increasingly important due to the growing interconnectivity of computerized systems and their use in society. A comprehensive assessment of cyber security can be challenging as it spans different domains of knowledge and expertise. For instance, identifying cyber security vulnerabilities requires detailed technical expertise and knowledge, while the as...

Supporting Situationally Aware Cybersecurity Systems, 30th September 2015

In this report, we describe the Unified Cyber Security ontology (UCO) to support situational awareness in cyber security systems. The ontology is an effort to incorporate and integrate heterogeneous information available from different cyber security systems and most commonly used cyber security standards for information sharing and exchange. The ontology has also been mapped to a number of exi...

Why We Cannot (Yet) Ensure the Cyber-Security of Safety-Critical Systems

There is a growing threat to the cyber-security of safety-critical systems. The introduction of Commercial Off The Shelf (COTS) software, including Linux, specialist VOIP applications and Satellite Based Augmentation Systems across the aviation, maritime, rail and power-generation infrastructures has created common vulnerabilities. In consequence, more people now possess the technical skills r...

Publication date: 2013