Frameworks

Question 1

What does NIST stand for and what are the key principles of the NIST cybersecurity framework?

Answer 1

NIST stands for National Institute of Standards and technology.

The key principles of the NIST cybersecurity framework are:

Identify - Identify the critical functions and cybersecurity risks

Protect - Contaont the potential impact of a cybersecurity breach

Detect - Assess whether a company’s systems are compromised

Respond - Respond quickly to a detected breach

Recover - Get back any data that might have been lost as a result of a breach or attack

Question 2

What does ISO stand for?

Answer 2

International Organisation for Standardisation

Question 3

Why are frameworks used?

Answer 3

Frameworks are used to provide security baselines, ensure best practice security wise and being certified in any of this frameworks provides assurance to company’s and people that you work with that you’re organisation is following best practice to keep data secure.

Question 4

What is the ISO 27001 framework and what does it cover?

Answer 4

It is an international standard that helps organisations manage the security of their information assets.

The framework provides a set fo requirements and best practices for establishing, implementing and maintaining an information security management system (ISMS)

The framework includes legal, physical and technical controls for managing information risk. It covers how to ensure the confidentiality, integrity and availability of corporate data.