Cybersecurity Program Development for Business Flashcards
What is cybersecurity from a business perspective?
Cybersecurity is the ongoing application of best practices intended to ensure and preserve confidentiality, integrity, and availability of digital information as well as the safety of people and environments.
What is security from the perspective of cybersecurity?
The practice that deals with all aspects of prevention, protection, and remediation from any type of harm to an asset
What are the four pillars of cybersecurity?
Confidentiality
Integrity
Availability
Safety
What are the degrees of confidentiality from the EU perspective?
Très Secret UE (EU Top Secret)
Secret UE (EU Secret)
Confidentiel UE (EU Confidential)
Restreint UE (EU Restricted)
What is success from the cybersecurity perspective?
Absence of impact on confidentiality, integrity, and availability of digital information
What are the 10 main standards that apply for cybersecurity?
ETSI TR 103
IASME standard for small and medium-sized enterprises
ISF Standard of Good Practice (SoGP)
ISA ISA62443
IETF RFC 2196
ISACA COBIT framework and CSX resources
ISECOM OSSTMM
ISO 27000 family of standards
NIST Cybersecurity Framework (CSF)
NERC CIP family of standards
What are the 6 functions of cybersecurity?
Deter
Identify
Protect
Detect
Respond
Recover
What are controls?
actions that mitigate risk
What are preventative controls?
designed to prevent an attack from getting to the target resources
What are detective controls?
Identify that an attack is occurring, and the details of the attack
What are corrective controls?
Designed to minimize the damage from an attack
What are compensating controls?
designed to compensate for the failure or absence of other controls to mitigate the damage of an attack