Principles of Cyber Security Resources

This lecture covers cybersecurity resources available to organizations, including frameworks, regulations, legislation, standards, and benchmarks. It also delves into cybersecurity frameworks such as NIST and ISO, regulatory compliance, industry regulations, and cybersecurity standards like PCI DSS.

  • Cybersecurity
  • Resources
  • Frameworks
  • Regulations
  • Standards

Uploaded on Mar 15, 2025 | 0 Views


Presentation Transcript


  1. Principles of Cyber Security. Lecture 14: Cybersecurity Resources. Dr. Muamer Mohammed

  2. Objectives 14.1 To describe Cybersecurity Resources.

  3. Cybersecurity Resources. External cybersecurity resources are available to organizations: frameworks; regulations; legislation; standards; benchmarks/secure configuration guides; information sources.

  4. Cybersecurity Framework. A cybersecurity framework is a series of documented processes used to define policies and procedures for implementing and managing security controls in an enterprise environment. The most common frameworks are from the: National Institute of Standards and Technology (NIST); International Organization for Standardization (ISO); American Institute of Certified Public Accountants (AICPA); Center for Internet Security (CIS); Cloud Security Alliance (CSA).

  5. Cybersecurity Framework

  6. Regulations. The process of adhering to regulations is called regulatory compliance. Industry regulations are typically developed by established professional organizations or government agencies using the expertise of seasoned security professionals. Sample of cybersecurity regulation categories: broadly applicable regulations; industry-specific regulations; U.S. state regulations; international regulations.

  7. Standards. A standard is a document approved through consensus by a recognized standardization body. It provides a framework, rules, guidance, or characteristics for products or related processes and production methods. One cybersecurity standard is the Payment Card Industry Data Security Standard (PCI DSS).

  8. Discussion Activity. Many schools, especially high schools, restrict IT students from accessing the tools used to perform penetration testing and vulnerability scanning for fear that students will use them for nefarious purposes. Is this a valid concern? Why or why not? Is there a way students can learn about these tools in a manner that is safe and that will ease school administrators' concerns? Each student should provide a response to the question.

  9. Summary. A cybersecurity framework is a series of documented processes used to define policies and procedures for implementation and management of security controls in an enterprise environment.

  10. Thank you
