Module 3 Flashcards
Security Frameworks
Guidelines used for building plans to help mitigate risk and threats to data and privacy.
Purpose of Security Frameworks
Protecting PII
Securing financial information
Identifying security weaknesses
Managing organizational risks
Aligning security with business goals
Components of Security Frameworks
Identifying and documenting security goals
Setting guidelines to achieve security goals
Implementing security processes
Monitoring and communicating results
Security Controls
Safeguards designed to reduce specific security risks
CIA Triad
A foundational model that helps inform how organizations consider risk when setting up systems and security policies
Confidentiality
Only authorized users can access specific assets or data
Integrity
Data is correct, authentic, and reliable
Availability
Data is accessible to those who are authorized to access it
Asset
An item perceived as having value to an organization
NIST Cybersecurity Framework (CSF)
A voluntary framework that consist of standards, guidelines, and best practices to manage cybersecurity risk
Ethical Principles in Security
Confidentiality
Privacy protections
Laws
Privacy Protection
Safeguarding personal information from unauthorized use
