Cybersecurity: What You Need to Know to Protect Your Organization

Why Cyber Risk & Cyber Security Are Critical to Organizations

Cyber risk and cyber security have become two concepts primarily related to information technology. The impact of incidents in cyber environments, and the savings an organization can achieve through security controls, are evident in business operations in terms of customers, financial costs, business advantages, organizational reputation, and personal careers.

A Framework to Strengthen Protection

The Cybersecurity Framework (CSF) was created specifically to strengthen protection for companies. It is the common name for the document “Framework for Improving Critical Infrastructure Cybersecurity”, published by the National Institute of Standards and Technology (NIST). The CSF was initially intended for U.S. companies. However, it is also suitable for any organization that faces cyber security risks, although its use is voluntary.

Understanding Similarities Between NIST CSF and ISO 27001

Examining the similarities between the NIST Cybersecurity Framework (NIST CSF) and ISO 27001 is important for an organization that already has ISO 27001 but wants to apply NIST CSF, so that the organization understands how the two approaches can be integrated and applied together to manage cyber security risks. The following will describe several similarities between NIST CSF and ISO 27001.

Conclusion

The impact of incidents in cyber environments, and the savings an organization can achieve through security controls, are evident in business operations in terms of customers, financial costs, business advantages, organizational reputation, and personal careers. To strengthen protection for companies, the National Institute of Standards and Technology has created the Cybersecurity Framework (CSF), which is divided into three parts, namely the core, implementation tiers, and profile. For an organization that has implemented ISO 27001 but wants to apply the NIST CSF, examining the similarities of both approaches will be beneficial for understanding how the two approaches can be integrated and applied together to manage cyber security risks.
