Relevant bibliographies by topics / Cybersecurity frameworks

Contents

  1. Journal articles
  2. Dissertations / Theses
  3. Books
  4. Book chapters
  5. Conference papers
  6. Reports

Academic literature on the topic 'Cybersecurity frameworks'

Author: Grafiati
Published: 9 January 2025

Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles

Select a source type:

Consult the lists of relevant articles, books, theses, conference reports, and other scholarly sources on the topic 'Cybersecurity frameworks.'

Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.

You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.

Journal articles on the topic "Cybersecurity frameworks"

1

Taherdoost, Hamed. "Understanding Cybersecurity Frameworks and Information Security Standards—A Review and Comprehensive Overview." Electronics 11, no. 14 (July 12, 2022): 2181. http://dx.doi.org/10.3390/electronics11142181.

Full text
Abstract:
Businesses are reliant on data to survive in the competitive market, and data is constantly in danger of loss or theft. Loss of valuable data leads to negative consequences for both individuals and organizations. Cybersecurity is the process of protecting sensitive data from damage or theft. To successfully achieve the objectives of implementing cybersecurity at different levels, a range of procedures and standards should be followed. Cybersecurity standards determine the requirements that an organization should follow to achieve cybersecurity objectives and facilitate against cybercrimes. Cybersecurity standards demonstrate whether an information system can meet security requirements through a range of best practices and procedures. A range of standards has been established by various organizations to be employed in information systems of different sizes and types. However, it is challenging for businesses to adopt the standard that is the most appropriate based on their cybersecurity demands. Reviewing the experiences of other businesses in the industry helps organizations to adopt the most relevant cybersecurity standards and frameworks. This study presents a narrative review of the most frequently used cybersecurity standards and frameworks based on existing papers in the cybersecurity field and applications of these cybersecurity standards and frameworks in various fields to help organizations select the cybersecurity standard or framework that best fits their cybersecurity requirements.
APA, Harvard, Vancouver, ISO, and other styles
2

Alghamdi, Ahmed. "Comparative Analysis of ISO27001 and NIST CSF." International Journal of Membrane Science and Technology 10, no. 4 (September 30, 2023): 1423–29. http://dx.doi.org/10.15379/ijmst.v10i4.2258.

Full text
Abstract:
Recent developments in Information and Communication Technology (ICT) have had a significant impact on commercial organizations in achieving their goals and objectives. However, the introduction of ICT introduced new cyber risks and threats as well. To mitigate cyber threats, various cybersecurity frameworks and standards are available e.g., ISO/IEC27001 and NIST Cybersecurity Framework (CSF). These frameworks can be used to measure/ audit the maturity level of an organization’s cybersecurity status. In this study, we have compared the ISO 27001 and NIST CSF and map these frameworks with each other.
APA, Harvard, Vancouver, ISO, and other styles
3

Melaku, Henock Mulugeta. "A Dynamic and Adaptive Cybersecurity Governance Framework." Journal of Cybersecurity and Privacy 3, no. 3 (June 30, 2023): 327–50. http://dx.doi.org/10.3390/jcp3030017.

Full text
Abstract:
Cybersecurity protects cyberspace from a wide range of cyber threats to reduce overall business risk, ensure business continuity, and maximize business opportunities and return on investments. Cybersecurity is well achieved by using appropriate sets of security governance frameworks. To this end, various Information Technology (IT) and cybersecurity governance frameworks have been reviewed along with their benefits and limitations. The major limitations of the reviewed frameworks are; they are complex and have complicated structures to implement, they are expensive and require high skill IT and security professionals. Moreover, the frameworks require many requirement checklists for implementation and auditing purposes and a lot of time and resources. To fill the limitations mentioned above, a simple, dynamic, and adaptive cybersecurity governance framework is proposed that provides security related strategic direction, ensures that security risks are managed appropriately, and ensures that organizations’ resources are utilized optimally. The framework incorporated different components not considered in the existing frameworks, such as research and development, public-private collaboration framework, regional and international cooperation framework, incident management, business continuity, disaster recovery frameworks, and compliance with laws and regulations. Moreover, the proposed framework identifies and includes some of the existing frameworks’ missed and overlapped components, processes, and activities. It has nine components, five activities, four outcomes, and seven processes. Performance metrics, evaluation, and monitoring techniques are also proposed. Moreover, it follows a risk based approach to address the current and future technology and threat landscapes. The design science research method was used in this research study to solve the problem mentioned. Using the design science research method, the problem was identified. Based on the problem, research objectives were articulated; the objective of this research was solved by developing a security governance framework considering different factors which were not addressed in the current works. Finally, performance metrics were proposed to evaluate the implementation of the governance framework.
APA, Harvard, Vancouver, ISO, and other styles
4

Lee, In. "Internet of Things (IoT) Cybersecurity: Literature Review and IoT Cyber Risk Management." Future Internet 12, no. 9 (September 18, 2020): 157. http://dx.doi.org/10.3390/fi12090157.

Full text
Abstract:
Along with the growing threat of cyberattacks, cybersecurity has become one of the most important areas of the Internet of Things (IoT). The purpose of IoT cybersecurity is to reduce cybersecurity risk for organizations and users through the protection of IoT assets and privacy. New cybersecurity technologies and tools provide potential for better IoT security management. However, there is a lack of effective IoT cyber risk management frameworks for managers. This paper reviews IoT cybersecurity technologies and cyber risk management frameworks. Then, this paper presents a four-layer IoT cyber risk management framework. This paper also applies a linear programming method for the allocation of financial resources to multiple IoT cybersecurity projects. An illustration is provided as a proof of concept.
APA, Harvard, Vancouver, ISO, and other styles
5

Dedeke, Adenekan, and Katherine Masterson. "Contrasting cybersecurity implementation frameworks (CIF) from three countries." Information & Computer Security 27, no. 3 (July 8, 2019): 373–92. http://dx.doi.org/10.1108/ics-10-2018-0122.

Full text
Abstract:
Purpose This paper aims to explore the evolution of a trend in which countries are developing or adopting cybersecurity implementation frameworks that are intended to be used nationally. This paper contrasts the cybersecurity frameworks that have been developed in three countries, namely, Australia, UK and USA. Design/methodology/approach The paper uses literature review and qualitative document analysis for the study. The paper developed and used an assessment matrix as its coding protocol. The contents of the three cybersecurity frameworks were then scored to capture the degree to which they covered the themes/items of the cybersecurity assessment matrix. Findings The analysis found that the three cybersecurity frameworks are oriented toward the risk management approach. However, the frameworks also had notable differences with regard to the security domains that they cover. For example, one of the frameworks did not offer guidelines with regard to what to do to respond to attacks or to plan for recovery. Originality/value The results of this study are beneficial to policymakers in the three countries targeted, as they are able to gain insights about how their cybersecurity frameworks compares to those of the other two countries. Such knowledge would be useful as decision-makers take steps to improve their existing frameworks. The results of this study are also beneficial to executives who have branches in all three countries. In such cases, security professionals could deploy the most comprehensive framework across all three countries and then extend the deployment in each location to meet country-specific requirements.
APA, Harvard, Vancouver, ISO, and other styles
6

Malatji, Masike, Annlizé L. Marnewick, and Suné Von Solms. "Cybersecurity capabilities for critical infrastructure resilience." Information & Computer Security 30, no. 2 (October 14, 2021): 255–79. http://dx.doi.org/10.1108/ics-06-2021-0091.

Full text
Abstract:
Purpose For many innovative organisations, Industry 4.0 paves the way for significant operational efficiencies, quality of goods and services and cost reductions. One of the ways to realise these benefits is to embark on digital transformation initiatives that may be summed up as the intelligent interconnectivity of people, processes, data and cyber-connected things. Sadly, this interconnectivity between the enterprise information technology (IT) and industrial control systems (ICS) environment introduces new attack surfaces for critical infrastructure (CI) operators. As a result of the ICS cybersecurity risk introduced by the interconnectivity between the enterprise IT and ICS networks, the purpose of this study is to identify the cybersecurity capabilities that CI operators must have to attain good cybersecurity resilience. Design/methodology/approach A scoping literature review of best practice international CI protection frameworks, standards and guidelines were conducted. Similar cybersecurity practices from these frameworks, standards and guidelines were grouped together under a corresponding National Institute of Standards and Technology (NIST) cybersecurity framework (CF) practice. Practices that could not be categorised under any of the existing NIST CF practices were considered new insights, and therefore, additions. Findings A CI cybersecurity capability framework comprising 29 capability domains (cybersecurity focus areas) was developed as an adaptation of the NIST CF with an added dimension. This added dimension emphasises cloud computing and internet of things (IoT) security. Each of the 29 cybersecurity capability domains is executed through various capabilities (cybersecurity processes and procedures). The study found that each cybersecurity capability can further be operationalised by a set of cybersecurity controls derived from various frameworks, standards and guidelines, such as COBIT®, CIS®, ISA/IEC 62443, ISO/IEC 27002 and NIST Special Publication 800-53. Practical implications CI sectors are immediately able to adopt the CI cybersecurity capability framework to evaluate their levels of resilience against cyber-attacks, given new attack surfaces introduced by the interconnectivity of cyber-connected things between the enterprise and ICS levels. Originality/value The authors present an added dimension to the NIST framework for CI cyber protection. In addition to emphasising cryptography, IoT and cloud computing security aspects, this added dimension highlights the need for an integrated approach to CI cybersecurity resilience instead of a piecemeal approach.
APA, Harvard, Vancouver, ISO, and other styles
7

Malatji, Masike, Annlizé L. Marnewick, and Suné Von Solms. "Cybersecurity capabilities for critical infrastructure resilience." Information & Computer Security 30, no. 2 (October 14, 2021): 255–79. http://dx.doi.org/10.1108/ics-06-2021-0091.

Full text
Abstract:
Purpose For many innovative organisations, Industry 4.0 paves the way for significant operational efficiencies, quality of goods and services and cost reductions. One of the ways to realise these benefits is to embark on digital transformation initiatives that may be summed up as the intelligent interconnectivity of people, processes, data and cyber-connected things. Sadly, this interconnectivity between the enterprise information technology (IT) and industrial control systems (ICS) environment introduces new attack surfaces for critical infrastructure (CI) operators. As a result of the ICS cybersecurity risk introduced by the interconnectivity between the enterprise IT and ICS networks, the purpose of this study is to identify the cybersecurity capabilities that CI operators must have to attain good cybersecurity resilience. Design/methodology/approach A scoping literature review of best practice international CI protection frameworks, standards and guidelines were conducted. Similar cybersecurity practices from these frameworks, standards and guidelines were grouped together under a corresponding National Institute of Standards and Technology (NIST) cybersecurity framework (CF) practice. Practices that could not be categorised under any of the existing NIST CF practices were considered new insights, and therefore, additions. Findings A CI cybersecurity capability framework comprising 29 capability domains (cybersecurity focus areas) was developed as an adaptation of the NIST CF with an added dimension. This added dimension emphasises cloud computing and internet of things (IoT) security. Each of the 29 cybersecurity capability domains is executed through various capabilities (cybersecurity processes and procedures). The study found that each cybersecurity capability can further be operationalised by a set of cybersecurity controls derived from various frameworks, standards and guidelines, such as COBIT®, CIS®, ISA/IEC 62443, ISO/IEC 27002 and NIST Special Publication 800-53. Practical implications CI sectors are immediately able to adopt the CI cybersecurity capability framework to evaluate their levels of resilience against cyber-attacks, given new attack surfaces introduced by the interconnectivity of cyber-connected things between the enterprise and ICS levels. Originality/value The authors present an added dimension to the NIST framework for CI cyber protection. In addition to emphasising cryptography, IoT and cloud computing security aspects, this added dimension highlights the need for an integrated approach to CI cybersecurity resilience instead of a piecemeal approach.
APA, Harvard, Vancouver, ISO, and other styles
8

MPHATHENI, Mandlenkosi Richard. "Cybersecurity: An Appraisal of Policy Frameworks and Related Conventions." International Journal of Information Security and Cybercrime 12, no. 1 (June 28, 2023): 45–60. http://dx.doi.org/10.19107/ijisc.2023.01.06.

Full text
Abstract:
Cybercrime is a global threat to cybersecurity that crosses national borders and has no geographical boundaries. The global community establishes, ratifies, and implements common global accepted treaties and conventions to guide and direct cybersecurity. Nonetheless, the setting of internationally accepted standards for cybersecurity has been a difficult task. Cyberspace is a complex, erratic, and rapidly developing hybrid that is both physical and virtual. To eliminate chaos in cyberspace, improve cybersecurity, and eliminate cybercrime, a global framework of laws and conventions is required. To keep up with criminals' ability to exploit cyberspace, international laws and conventions must be gradually and robustly established and speedily and continuously amended. Adherence to stringent security measures and policies on the part of both public and private companies will aid in the implementation of increasingly stringent cybersecurity measures and international regulations in this regard. Cybersecurity must be prioritised in business. Companies should have cyberattack risk management strategies in place to prevent cyber breaches. Formal training for security cluster members and business representatives is required to effectively deal with the cybersecurity phenomenon.
APA, Harvard, Vancouver, ISO, and other styles
9

AlSagri, Hatoon S., Shahab Saquib Sohail, and Shiju Sebastian. "The role of deep reinforcement learning in developing adaptive cybersecurity defenses for smart grid systems." Journal of Information and Optimization Sciences 45, no. 8 (2024): 2299–307. https://doi.org/10.47974/jios-1807.

Full text
Abstract:
The integration of profound fortification learning procedures inside cybersecurity techniques has risen as a promising approach to invigorate the flexibility of savvy network frameworks against advancing dangers. Savvy lattice frameworks, with their complex organize of interconnected gadgets and basic foundation, show special challenges for conventional cybersecurity measures. In this setting, DRL offers energetic and versatile arrangement by leveraging its capacity to memorize from involvement and optimize decision-making in complex, energetic situations. This paper looks at the part of DRL in creating versatile cybersecurity guards custom-made particularly for shrewd network frameworks. By utilizing DRL calculations, such as profound Q-networks (DQN) and profound deterministic arrangement slope, shrewd lattice protections can independently adjust to changing risk scenes, distinguish peculiarities, and moderate assaults in real-time. Moreover, DRL empowers the creation of proactive resistance instruments that can expect potential dangers and preemptively alter security conventions. Through a comprehensive survey of existing writing and case thinks about, this paper highlights the adequacy of DRL in improving the vigor and flexibility of cybersecurity measures for keen lattice frameworks. Additionally, it investigates the challenges and openings related with the integration of DRL methods in viable cybersecurity systems, clearing the way for future inquire about and usage in securing basic framework against developing cyber dangers.
APA, Harvard, Vancouver, ISO, and other styles
10

Shelly, Elizabeth. "Cybersecurity Frameworks for Cloud Computing Environments." International Journal of Computing and Engineering 6, no. 1 (July 12, 2024): 30–44. http://dx.doi.org/10.47941/ijce.2058.

Full text
Abstract:
Purpose: The general objective of this study was to explore cybersecurity frameworks for cloud computing environments. Methodology: The study adopted a desktop research methodology. Desk research refers to secondary data or that which can be collected without fieldwork. Desk research is basically involved in collecting data from existing resources hence it is often considered a low cost technique as compared to field research, as the main cost is involved in executive’s time, telephone charges and directories. Thus, the study relied on already published studies, reports and statistics. This secondary data was easily accessed through the online journals and library. Findings: The findings reveal that there exists a contextual and methodological gap relating to explore cybersecurity frameworks for cloud computing environments. The study emphasized the necessity of robust, comprehensive security measures to address the unique challenges of cloud infrastructures. It highlighted the importance of advanced security measures like encryption, multi-factor authentication, and continuous monitoring to mitigate risks. The research underscored the need for holistic and adaptable frameworks that integrate technological solutions and human factors, while also stressing regulatory compliance. The findings had significant implications for cloud service providers, businesses, regulatory bodies, and cybersecurity professionals, suggesting a focus on new technologies like AI and blockchain for future research. Unique Contribution to Theory, Practice and Policy: The Diffusion of Innovations Theory, Technology Acceptance Model (ATM) and Socio-Technical Systems Theory may be used to anchor future studies on cybersecurity frameworks for cloud computing environments. The study made significant theoretical, practical, and policy recommendations. It emphasized the need for an integrated theoretical approach, the adoption of multi-layered security practices, and regular security assessments. The study also advocated for standardized and specific regulatory frameworks tailored to cloud environments and international cooperation for consistent global cybersecurity policies. These recommendations aimed to enhance the understanding, implementation, and governance of cloud security, ultimately contributing to a more resilient and secure cloud computing ecosystem.
APA, Harvard, Vancouver, ISO, and other styles
More sources

Dissertations / Theses on the topic "Cybersecurity frameworks"

1

Smith, Willarvis. "A Comprehensive Cybersecurity Defense Framework for Large Organizations." Diss., NSUWorks, 2019. https://nsuworks.nova.edu/gscis_etd/1083.

Full text
Abstract:
There is a growing need to understand and identify overarching organizational requirements for cybersecurity defense in large organizations. Applying proper cybersecurity defense will ensure that the right capabilities are fielded at the right locations to safeguard critical assets while minimizing duplication of effort and taking advantage of efficiencies. Exercising cybersecurity defense without an understanding of comprehensive foundational requirements instills an ad hoc and in many cases conservative approach to network security. Organizations must be synchronized across federal and civil agencies to achieve adequate cybersecurity defense. Understanding what constitutes comprehensive cybersecurity defense will ensure organizations are better protected and more efficient. This work, represented through design science research, developed a model to understand comprehensive cybersecurity defense, addressing the lack of standard requirements in large organizations. A systemic literature review and content analysis were conducted to form seven criteria statements for understanding comprehensive cybersecurity defense. The seven criteria statements were then validated by a panel of expert cyber defenders utilizing the Delphi consensus process. Based on the approved criteria, the team of cyber defenders facilitated the development of a Comprehensive Cybersecurity Defense Framework prototype for understanding cybersecurity defense. Through the Delphi process, the team of cyber defense experts ensured the framework matched the seven criteria statements. An additional and separate panel of stakeholders conducted the Delphi consensus process to ensure a non-biased evaluation of the framework. The comprehensive cybersecurity defense framework is developed through the data collected from two distinct and separate Delphi panels. The framework maps risk management, behavioral, and defense in depth frameworks with cyber defense roles to offer a comprehensive approach to cyber defense in large companies, agencies, or organizations. By defining the cyber defense tasks, what those tasks are trying to achieve and where best to accomplish those tasks on the network, a comprehensive approach is reached.
APA, Harvard, Vancouver, ISO, and other styles
2

Raina, Ravi. "A systems perspective on cybersecurity in the cloud : frameworks, metrics and migration strategy." Thesis, Massachusetts Institute of Technology, 2016. http://hdl.handle.net/1721.1/107602.

Full text
Abstract:
Thesis: S.M. in Engineering and Management, Massachusetts Institute of Technology, School of Engineering, System Design and Management Program, Engineering and Management Program, 2016.
Cataloged from PDF version of thesis.
Includes bibliographical references (pages 119-124).
Cloud computing represents the next generation of disruptive technologies in computing. However, there are several barriers to massive adoption of cloud and among them security remains one of the principal concerns. Traditional failure analysis and prevention frameworks fall exceedingly short to address cybersecurity as is evident by every increasing cybersecurity breaches. New frameworks for cybersecurity are required which take a holistic view of the problem and a systems perspective. Migrating to cloud also represents a key decision point for CEO/CTO's today, especially from security perspective. The objective of this thesis is to illustrate the effectiveness of taking a Systems Approach to cybersecurity and provide a framework for migration to cloud with specific emphasis on critical cybersecurity issues pertaining to various cloud deployment models and delivery services. The thesis is divided into three phases. Firstly, it will aim to explore the major security threats and critical areas of focus for security in cloud. It will explore the major security frameworks, metrics and controls, especially the major ones from NIST, CIS and CSA. SLA's for different cloud service models will then be presented. A high level cloud migration framework strategy and framework, with special emphasis on cybersecurity will also be discussed. In the second phase, System- Theoretic Accident Model and Processes (STAMP) which is based on Systems Theory will be applied to Target security breach and key recommendations as well as new insights will be presented. The analysis will highlight the need for holistic approach and Systems Thinking to cybersecurity and new insights that are not produced by traditional methods will be presented. Finally, in the third phase, the cloud migration framework discussed in phase one will be applied to Target. A case will be made that in certain scenarios, moving the less critical applications to cloud and utilizing the security benefits of cloud can actually reduce the threat vectors and security exposures and bring IT systems from a higher risk state to lower risk state. The thesis integrates cybersecurity methods and frameworks as well as security metrics with the cloud migration strategy. Additionally, it also presents STAMP/CAST failure model for cybersecurity breaches and highlights the need for integrated view of safety and security and Systems Thinking in cybersecurity both in traditional systems and cloud.
by Ravi Raina.
S.M. in Engineering and Management
APA, Harvard, Vancouver, ISO, and other styles
3

Yu, Xiaodong. "Algorithms and Frameworks for Accelerating Security Applications on HPC Platforms." Diss., Virginia Tech, 2019. http://hdl.handle.net/10919/93510.

Full text
Abstract:
Typical cybersecurity solutions emphasize on achieving defense functionalities. However, execution efficiency and scalability are equally important, especially for real-world deployment. Straightforward mappings of cybersecurity applications onto HPC platforms may significantly underutilize the HPC devices' capacities. On the other hand, the sophisticated implementations are quite difficult: they require both in-depth understandings of cybersecurity domain-specific characteristics and HPC architecture and system model. In our work, we investigate three sub-areas in cybersecurity, including mobile software security, network security, and system security. They have the following performance issues, respectively: 1) The flow- and context-sensitive static analysis for the large and complex Android APKs are incredibly time-consuming. Existing CPU-only frameworks/tools have to set a timeout threshold to cease the program analysis to trade the precision for performance. 2) Network intrusion detection systems (NIDS) use automata processing as its searching core and requires line-speed processing. However, achieving high-speed automata processing is exceptionally difficult in both algorithm and implementation aspects. 3) It is unclear how the cache configurations impact time-driven cache side-channel attacks' performance. This question remains open because it is difficult to conduct comparative measurement to study the impacts. In this dissertation, we demonstrate how application-specific characteristics can be leveraged to optimize implementations on various types of HPC for faster and more scalable cybersecurity executions. For example, we present a new GPU-assisted framework and a collection of optimization strategies for fast Android static data-flow analysis that achieve up to 128X speedups against the plain GPU implementation. For network intrusion detection systems (IDS), we design and implement an algorithm capable of eliminating the state explosion in out-of-order packet situations, which reduces up to 400X of the memory overhead. We also present tools for improving the usability of Micron's Automata Processor. To study the cache configurations' impact on time-driven cache side-channel attacks' performance, we design an approach to conducting comparative measurement. We propose a quantifiable success rate metric to measure the performance of time-driven cache attacks and utilize the GEM5 platform to emulate the configurable cache.
Doctor of Philosophy
Typical cybersecurity solutions emphasize on achieving defense functionalities. However, execution efficiency and scalability are equally important, especially for the real-world deployment. Straightforward mappings of applications onto High-Performance Computing (HPC) platforms may significantly underutilize the HPC devices’ capacities. In this dissertation, we demonstrate how application-specific characteristics can be leveraged to optimize various types of HPC executions for cybersecurity. We investigate several sub-areas, including mobile software security, network security, and system security. For example, we present a new GPU-assisted framework and a collection of optimization strategies for fast Android static data-flow analysis that achieve up to 128X speedups against the unoptimized GPU implementation. For network intrusion detection systems (IDS), we design and implement an algorithm capable of eliminating the state explosion in out-of-order packet situations, which reduces up to 400X of the memory overhead. We also present tools for improving the usability of HPC programming. To study the cache configurations’ impact on time-driven cache side-channel attacks’ performance, we design an approach to conducting comparative measurement. We propose a quantifiable success rate metric to measure the performance of time-driven cache attacks and utilize the GEM5 platform to emulate the configurable cache.
APA, Harvard, Vancouver, ISO, and other styles
4

Hedåker, Johanna. "Ramverk för cybersäkerhet: Möjligheter och begränsningar." Thesis, Malmö universitet, Fakulteten för teknik och samhälle (TS), 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:mau:diva-20211.

Full text
Abstract:
I takt med samhällets snabba tekniska utveckling finns också ett behov av exponentiell utveckling av cybersäkerhet. Trender pekar dock på att så inte har skettoch antalet säkerhetsincidenter och intrång har på senare år ökat avsevärt. Tidigarestudier föreslår att dessa incidenter skulle kunna förhindras, eller åtminstone begränsas, genom tillämpningen av moderna säkerhetsramverk, där CIS Critical SecurityControls är ett av de mer kända.Syftet med denna studie är att genom en enkätundersökning granska existerandeåsikter bland yrkesverksamma inom säkerhetsbranschen om vikten och effekterna avatt tillämpa sådana säkerhetsramverk.Resultatet av vår initiala undersökande studie pekar på att säkerhetsramverken kanbidra till att skapa en både grundläggande och substantiell säkerhetsnivå som är enkel att reproducera. Viss aktsamhet bör dock tas eftersom dessa är beroende av bådeerfarenhet och verksamhetsanpassning. Vidare bör grundläggande kursmoment i cybersäkerhet introduceras på utbildningar och kurser, inklusive de discipliner somtraditionellt sett ligger utanför säkerhetsdomänen, eftersom det digitala landskapethar förändrats.
As the technological advancements of our society continue to thrive, there is a need foran exponential growth in the field of cybersecurity. Trends suggest this has not beenthe case and the amount of data- and security breaches has drastically increased overthe past few years. Earlier studies suggest that these incidents could be prevented, orat least limited, by implementing modern cyber security frameworks, such as CISCritical Security Controls.The main aim of this study is to, by conducting an initial investigative survey, examine the existing opinions of professionals from the cybersecurity industry regardingthe significance and effects of implementing such cyber security frameworks.The results of our initial study suggest that cyber security frameworks could contribute to a both sufficient and substantial level of security. However, some caution shouldbe taken into consideration as the frameworks require both experience and adaptation. Furthermore, our results also show that there is a need to introduce basic cybersecurity competence in education, including education traditionally considered to beoutside the field of cybersecurity, as a result of the transformed digital environment.
APA, Harvard, Vancouver, ISO, and other styles
5

Kuznietsova, Tetiania, and Andrii Chyrkov. "State and perspectives of aircraft cybersecurity." Thesis, National aviation university, 2021. https://er.nau.edu.ua/handle/NAU/50678.

Full text
Abstract:
During the latest events in the aviation world, where experts in the field of cybersecurity (example) opened the possibility of gaining access to the aircraft's on-board systems, industry experts (and not only) thought about it. And we are doing quite a lot. There are many existing guides that contain recommendations and practices, for example: «Software Considerations in Airborne Systems and Equipment Certification» contains recommendations for evaluating security and assuring software quality. There is a separation of access, because all systems are somehow connected to each other through the on-board network (take at least maintenance to determine failures): The FAA continues to consider the aircraft guidelines acceptable for software certification, although they acknowledge that the guidelines do not fully cover all areas of software development and life cycle processes, and can sometimes be misinterpreted.
APA, Harvard, Vancouver, ISO, and other styles
6

Camporesi, Mirko. "Securopoly: un gioco per l'insegnamento della Cybersecurity." Bachelor's thesis, Alma Mater Studiorum - Università di Bologna, 2017. http://amslaurea.unibo.it/13274/.

Full text
Abstract:
All'interno della tesi sono presentati vari argomenti legati al mondo della sicurezza informatica e del suo insegnamento. Lo scopo di questo lavoro è presentare la tecnica della gamification e la sua applicazione nel panorama della cybersecurity moderna. Inoltre, viene proposto un gioco di società chiamato Securopoly che implementa le nozioni descritte e che è basato fortemente sul Framework Nazionale per la cybersecurity, un documento che pone gli standard che ogni organizzazione e ogni azienda dovrebbero soddisfare per essere all'avanguardia nel tentativo di difendersi da attacchi informatici.
APA, Harvard, Vancouver, ISO, and other styles
7

Leon, Ryan James. "An Event Management Framework to Aid Solution Providers in Cybersecurity." Thesis, The George Washington University, 2018. http://pqdtopen.proquest.com/#viewpdf?dispub=10745141.

Full text
Abstract:

Cybersecurity event management is critical to the successful accomplishment of an organization’s mission. To put it in perspective, in 2016 Symantec tracked over 700 global adversaries and recorded events from 98 million sensors (Aimoto et al., 2017). Studies show that in 2015, more than 55% of the cyberattacks on government operation centers were due to negligence and the lack of skilled personnel to perform network security duties including the failure to properly identify events (Ponemon, 2015a). Practitioners are charged to perform as first responders to any event that affects the network. Inconsistencies and errors that occur at this level can determine the outcome of an event.

In a time when 91% of Americans believe they have lost control over how information is collected and secured, there is nothing more dangerous than thinking new technology is not vulnerable to attacks (Rainie, 2016). Assailants target those with weak security postures who are unprepared, distracted or lack fundamental elements to identify significant events and secure the environment.

Under executive order, to address these concerns organizations such as the National Institute of Standards and Technology (NIST) and International Organization of Standards (ISO) developed cybersecurity frameworks, which have been widely accepted as industry standards. These standards focus on business drivers to guide cybersecurity activities and risks within critical infrastructure. It outlines a set of cybersecurity activities, references, and outcomes that can be used to align its cyber activities with business requirements at a high-level.

This praxis explores the solution provider’s role in and method of securing environments through their event management practices. Solution providers are a critical piece of proper event management. They are often contracted to provide solutions that adhere to a NIST type framework with little to no guidance. There are supportive documents and guides for event management but nothing substantive like the Cybersecurity Framework and ISO 27001 has been adopted. Using existing processes and protocols an event management framework is proposed that can be utilized to properly manage events and aid solution providers in their cybersecurity mission.

Knowledge of event management was captured through subject matter expertise and supported through literature review and investigation. Statistical methods were used to identify deficiencies in cyber operations that would be worth addressing in an event management framework.

APA, Harvard, Vancouver, ISO, and other styles
8

Snyder, Justin Charles. "A Framework and Exploration of a Cybersecurity Education Escape Room." BYU ScholarsArchive, 2018. https://scholarsarchive.byu.edu/etd/6958.

Full text
Abstract:
This thesis presents a review of educational-escape-room literature followed by a design-oriented framework (the Snyder Escape Room Framework or SERF) and demonstrates the potential efficacy of escape-rooms in cybersecurity education. Several authors have proposed frameworks and guidelines for game and educational design regarding escape rooms. This work coalesces some of those ideas into a more substantial and comprehensive framework (SERF) that designers can use when developing educational escape rooms. The Snyder Escape Room Framework provides heuristics for goals and objectives, players, activities, context, trajectory design, and evaluation. Additionally, this work describes and analyzes the novel prototyped BYU GCC escape room experience and delves into some of what was successful and what could be improved. The first sessions of the experience were observed and documented, and an expert review was performed. Participants did not gain much confidence in learning new technology; however, they did increase their confidence in using new technology through the experience. Participants did indeed learn from the experience, however, participants focused more on team-related concepts gained from the experience rather than the cybersecurity concepts introduced through the escape-room activities. Based on overwhelming positive responses, participants seemed to enjoy performing the experience. The BYU experience is evaluated against the Snyder Framework as an example of how to use the framework while designing or as a tool for evaluating. Using this framework systemizes and catalogues design choices and implications on the room and provides an informed approach for refinement. Applying the Snyder Escape Room Framework to the BYU experience provides further insight beyond just an expert review, and the BYU experience is a novel example to use with SERF. SERF gives a vocabulary and set of heuristics that help designers zero in on important design decisions. Using the framework provides a well-defined set of attributes for discussing the BYU experience and helps clarify what went well with the room and what could be improved upon. This is especially helpful when iterating on room design. The nature of Snyder Framework and this work is that it is multidisciplinary and touches a wide array of related fields and topics. Of note, are the implications of this work on educational games. The SERF can be used as a resource when designing similar experiences while the analysis of the BYU experience based on the SERF provides an example of how the framework can be used for evaluation and iteration.
APA, Harvard, Vancouver, ISO, and other styles
9

Newby, Chandler Ryan. "Designing Cybersecurity Competitions in the Cloud: A Framework and Feasibility Study." BYU ScholarsArchive, 2018. https://scholarsarchive.byu.edu/etd/7417.

Full text
Abstract:
Cybersecurity is an ever-expanding field. In order to stay current, training, development, and constant learning are necessary. One of these training methods has historically been competitions. Cybersecurity competitions provide a method for competitors to experience firsthand cybersecurity concepts and situations. These experiences can help build interest in, and improve skills in, cybersecurity. While there are diverse types of cybersecurity competitions, most are run with on-premise hardware, often centralized at a specific location, and are usually limited in scope by available hardware. This research focuses on the possibility of running cybersecurity competitions, specifically CCDC style competitions, in a public cloud environment. A framework for running cybersecurity competitions in general was developed and is presented in this research. The framework exists to assist those who are considering moving their competition to the cloud. After the framework was completed, a CCDC style competition was developed and run entirely in a public cloud environment. This allowed for a test of the framework, as well as a comparison against traditional, on-premise hosting of a CCDC. The cloud-based CCDC created was significantly less expensive than running a comparable size competition in on-premise hardware. Performance problems—typically endemic in traditionally-hosted CCDCs—were virtually non-existent. Other benefits, as well as potential contraindications, are also discussed. Another CCDC style competition, this one originally built for on-premise hardware, was then ported to the same public cloud provider. This porting process helped to further evaluate and enrich the framework. The porting process was successful, and data was added to the framework.
APA, Harvard, Vancouver, ISO, and other styles
10

Cornel, Caralea May. "A Methodology to Measure the Impact of Diversity on Cybersecurity Team Effectiveness." BYU ScholarsArchive, 2019. https://scholarsarchive.byu.edu/etd/8594.

Full text
Abstract:
In recent years, the definition of cybersecurity professional has been diluted to include more individuals, particularly women, to be included. Depending on the definition used, women currently comprise between 11% and 25% of the cybersecurity workforce. While multiple studies have indicated the benefits to diverse teams, research in the cybersecurity area is lacking.This research proposes a framework that uses a modified escape-the-room gamified scenario to measure the effectiveness of cybersecurity teams in technical problem-solving. The framework presents two routes, incident response and penetration testing, the participants can choose. In a preliminary study, this framework is used to show the combination of gender diversity and prior cybersecurity experience and/or cybersecurity knowledge, particularly in women, are found to be significant in reducing the time taken to solve cybersecurity tasks in the incident response, and penetration testing domains.In conclusion, opportunities for extending this research into a large-scale study are discussed, along with other applications of cybersecurity escape-rooms.
APA, Harvard, Vancouver, ISO, and other styles
More sources

Books on the topic "Cybersecurity frameworks"

1

United States. Congress. House. Committee on Homeland Security. Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies. Oversight of Executive Order 13636 and development of the cybersecurity framework: Hearing before the Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies of the Committee on Homeland Security, House of Representatives, One Hundred Thirteenth Congress, first session, July 18, 2013. Washington: U.S. Government Printing Office, 2014.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
2

Maksurov, Aleksey. Ensuring information security on the Internet. ru: INFRA-M Academic Publishing LLC., 2023. http://dx.doi.org/10.12737/1942595.

Full text
Abstract:
The monograph examines the features of legal relations in the field of information security in the global information space. The concept of "cybersecurity" is investigated, the institutional independence of the norms of law on ensuring security in the cyber environment is substantiated from the point of view of the subject and method of legal regulation. Considerable attention is paid to the characteristics of the sources of law on ensuring information security on the Internet. Substantial proposals have been made to improve legal regulation in this area both at the national (primarily Russian) and international levels. A technological approach has been applied to the consideration of security issues in the global information space, within the framework of which the organizational, technical and legal principles of ensuring information security in cyberspace, as well as ways and means of ensuring security in the global information space have been studied. It is given not only an assessment of the level of use of funds, their interrelation and mutual complement, but also the legal characteristics of security tools in the global information space, for example cryptographic. The resources allocated for the implementation of the type of legal technology under study that were not previously allocated in the legal literature, for example, scientific and economic. The features of the protection of personal information on the Internet are considered, as well as modern problems of legal security in the global information environment, including cybersecurity in banking, healthcare, and biometric data security. The problems of international cooperation in the field of information security are highlighted. For a wide range of readers interested in information security issues. It can be useful for students, postgraduates and teachers of law schools and faculties.
APA, Harvard, Vancouver, ISO, and other styles
3

Shah, Imdad Ali, Samina Rajper, and Noor Zaman. Cybersecurity Measures for e-Government Frameworks. IGI Global, 2021.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
4

Zaman, Noor, Imdad Ali Shah, and Samina Rajper, eds. Cybersecurity Measures for E-Government Frameworks. IGI Global, 2022. http://dx.doi.org/10.4018/978-1-7998-9624-1.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Shah, Imdad Ali, Samina Rajper, and Noor Zaman. Cybersecurity Measures for e-Government Frameworks. IGI Global, 2022.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
6

Shah, Imdad Ali, Samina Rajper, and Noor Zaman. Cybersecurity Measures for e-Government Frameworks. IGI Global, 2022.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
7

Shah, Imdad Ali, Samina Rajper, and Noor Zaman. Cybersecurity Measures for e-Government Frameworks. IGI Global, 2022.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
8

Shah, Imdad Ali, Samina Rajper, and Noor Zaman. Cybersecurity Measures for e-Government Frameworks. IGI Global, 2022.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
9

Belli, Luca. CyberBRICS: Mapping Cybersecurity Frameworks in the BRICS. Springer International Publishing AG, 2021.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
10

Quest to Cyber Superiority: Cybersecurity Regulations, Frameworks, and Strategies of Major Economies. Springer, 2016.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
More sources

Book chapters on the topic "Cybersecurity frameworks"

1

Donaldson, Scott E., Stanley G. Siegel, Chris K. Williams, and Abdul Aslam. "Cybersecurity Frameworks." In Enterprise Cybersecurity, 297–309. Berkeley, CA: Apress, 2015. http://dx.doi.org/10.1007/978-1-4302-6083-7_17.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Weis, Dan. "Cybersecurity Frameworks." In Boardroom Cybersecurity, 55–75. Berkeley, CA: Apress, 2024. http://dx.doi.org/10.1007/979-8-8688-0785-5_5.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Manjikian, Mary. "Three Ethical Frameworks." In Cybersecurity Ethics, 23–42. 2nd ed. London: Routledge, 2022. http://dx.doi.org/10.4324/9781003248828-3.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Donaldson, Scott E., Stanley G. Siegel, Chris K. Williams, and Abdul Aslam. "Mapping Against Cybersecurity Frameworks." In Enterprise Cybersecurity, 231–39. Berkeley, CA: Apress, 2015. http://dx.doi.org/10.1007/978-1-4302-6083-7_13.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Thompson, Eric C. "Incident Response Frameworks." In Cybersecurity Incident Response, 17–46. Berkeley, CA: Apress, 2018. http://dx.doi.org/10.1007/978-1-4842-3870-7_3.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Donaldson, Scott E., Stanley G. Siegel, Chris K. Williams, and Abdul Aslam. "Mapping Against Cybersecurity Frameworks." In Enterprise Cybersecurity Study Guide, 429–47. Berkeley, CA: Apress, 2018. http://dx.doi.org/10.1007/978-1-4842-3258-3_13.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Alexander, Richard D., and Srinivas Panguluri. "Cybersecurity Terminology and Frameworks." In Cyber-Physical Security, 19–47. Cham: Springer International Publishing, 2016. http://dx.doi.org/10.1007/978-3-319-32824-9_2.

Full text
APA, Harvard, Vancouver, ISO, and other styles
8

Loi, Michele, and Markus Christen. "Ethical Frameworks for Cybersecurity." In The International Library of Ethics, Law and Technology, 73–95. Cham: Springer International Publishing, 2020. http://dx.doi.org/10.1007/978-3-030-29053-5_4.

Full text
APA, Harvard, Vancouver, ISO, and other styles
9

Schoenherr, F. Jordan Richard, and Robert Thomson. "Ethical Frameworks for Cybersecurity." In The Frontlines of Artificial Intelligence Ethics, 141–61. New York: Routledge, 2022. http://dx.doi.org/10.4324/9781003030928-12.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Deutscher, Stefan A., and William Yin. "Standards and Frameworks for Cybersecurity." In The Cyber Risk Handbook, 81–96. Hoboken, NJ, USA: John Wiley & Sons, Inc., 2017. http://dx.doi.org/10.1002/9781119309741.ch6.

Full text
APA, Harvard, Vancouver, ISO, and other styles

Conference papers on the topic "Cybersecurity frameworks"

1

Kumar Jain, Yogesh, CA Dhaarna Singh Rathore, Anjani Johrawanshi, Manish Gupta, Deepak Kumar Choudhary, and Ankur Pandey. "Cybersecurity Frameworks: A Roadmap for Business Resilience." In 2024 International Conference on Cybernation and Computation (CYBERCOM), 102–8. IEEE, 2024. https://doi.org/10.1109/cybercom63683.2024.10803234.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Latoni, Anthony, and Xiaowen Zhang. "Enhancing Cybersecurity in Healthcare 5.0 Through Innovative Frameworks." In 2024 IEEE Long Island Systems, Applications and Technology Conference (LISAT), 1–6. IEEE, 2024. https://doi.org/10.1109/lisat63094.2024.10808000.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Hanson, Danielle, and Jeremy Straub. "A Systematic Review of Cybersecurity Audit Frameworks for the Internet of Things." In 2024 IEEE International Conference on Cyber Security and Resilience (CSR), 133–38. IEEE, 2024. http://dx.doi.org/10.1109/csr61664.2024.10679377.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Ramesh, Keshav, Nikita Christ Miller, Aariz Faridi, Fadi Aloul, Imran Zualkernan, and Ali Reza Sajun. "Efficient Machine Learning Frameworks for Strengthening Cybersecurity in Internet of Medical Things (IoMT) Ecosystems." In 2024 IEEE International Conference on Internet of Things and Intelligence Systems (IoTaIS), 92–98. IEEE, 2024. https://doi.org/10.1109/iotais64014.2024.10799438.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Pandey, Radhika, Shaik Anjimoon, V. Asha, Atul Singla, Irfan Khan, and Zain Alabdeen Hasan Abed. "Developing Robust Cybersecurity Policies and Governance Frameworks in Response to Evolving Legal and Regulatory Landscapes." In 2024 OPJU International Technology Conference (OTCON) on Smart Computing for Innovation and Advancement in Industry 4.0, 1–6. IEEE, 2024. http://dx.doi.org/10.1109/otcon60325.2024.10687438.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Sheh, R., K. Geappen, and D. Harriss. "AUTONOMOUS CYBERSECURITY AND AI RISK MANAGEMENT FOR UNCREWED SYSTEMS: CHALLENGES AND OPPORTUNITIES USING THE NIST FRAMEWORKS." In XPONENTIAL 2024, 46–67. Arlington, Virginia, USA: Association for Unmanned Vehicle Systems International, 2024. http://dx.doi.org/10.52202/075106-0003.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Marek, James. "Cybersecurity and Risk Management Framework in Avionics." In Vertical Flight Society 74th Annual Forum & Technology Display, 1–10. The Vertical Flight Society, 2018. http://dx.doi.org/10.4050/f-0074-2018-12893.

Full text
Abstract:
It is impossible to open a newspaper, turn on a television, or visit a news website these days without being barraged with cybersecurity related news. Every domain is being attacked, penetrated, and impacted by cyber-crime and the range, complexity, and frequency of attacks is expanding daily. Across the board we face a wide range of adversaries from disgruntled employees to nation states that are bent on taking our critical systems down temporarily or permanently. Avionics systems are not immune from this and over the past several years, cybersecurity policies and the Risk Management Framework (DoD 8510.01) approach to securing US cyber systems, have been maturing and rapidly growing in adoption. However, many in the avionics community remain uninformed regarding the impacts of these new policies and initiatives to their systems nor how best to ensure they are taking a practical and efficient approach to implementing them. Gone are the days of a magic box that all of the security requirements are allocated to. Modern Cybersecurity is a systems discipline and cuts across the entire avionics suite. This paper will introduce the Risk Management Framework (RMF) and Cybersecurity and discuss what they are, how we got here, how they are related, and how they are impacting and will impact legacy and future avionics systems on tactical military aircraft. The paper will present some observations and best practices associated with application of Cybersecurity and RMF to avionics. It will also include some benefits of safety critical designs toward cyber-hardening and where safety and security are mutually exclusive. It will touch briefly on some impacts to avionics systems related to hot Cybersecurity topics such as HBSS (Host Based Security System), STIGs (Security Technical Implementation Guides), Static code analysis, DoD PKI (Department of Defense Public Key Infrastructure), electronic delivery, and insider threats. The paper will include a perspective on the development environment, the deployed systems, and deployment sites and how RMF and Cybersecurity impact both the contractor and the DoD customer related to these perspectives.
APA, Harvard, Vancouver, ISO, and other styles
8

Chew, M. D., and J. Buongiorno. "A Cybersecurity Framework For Nuclear Microreactors." In 2024 International Congress on Advances in Nuclear Power Plants (ICAPP), 442–50. Illinois: American Nuclear Society, 2024. http://dx.doi.org/10.13182/t130-43781.

Full text
APA, Harvard, Vancouver, ISO, and other styles
9

Wang, Wenjia, Seyed Masoud Sadjadi, and Naphtali Rishe. "A Survey of Major Cybersecurity Compliance Frameworks." In 2024 IEEE 10th Conference on Big Data Security on Cloud (BigDataSecurity). IEEE, 2024. http://dx.doi.org/10.1109/bigdatasecurity62737.2024.00013.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Falé, Pedro, Leonilde Reis, and Rui Almeida. "Cybersecurity – Security Operations Center." In Sixth International Scientific Conference ITEMA Recent Advances in Information Technology, Tourism, Economics, Management and Agriculture. Association of Economists and Managers of the Balkans, Belgrade, Serbia, 2022. http://dx.doi.org/10.31410/itema.2022.99.

Full text
Abstract:
Currently, most organizations are dependent on Information and Communication Technologies, in the sense of accomplishing their underly­ing business activities. In this scope, cybersecurity is considered the domain that has the strength to protect sensitive information, be it at the individu­al level or in an organizational context. The objective of this paper is to in­troduce the concept, relevance, and functions of a Security Operations Cen­tre. The methodology underlying the study was based on the use of the MI­TRE Adversarial Tactics, Techniques and Common Knowledge framework as a matrix of tactics and techniques based on real scenario observations. The main results emphasize the importance of incorporating the Security Oper­ations Center as a barrier against cybersecurity threats. Security Operations Center brings additional value to the organizational context, through peo­ple, processes and technologies while also using several frameworks to im­prove work management, incident response and incident control.
APA, Harvard, Vancouver, ISO, and other styles

Reports on the topic "Cybersecurity frameworks"

1

Raza, Haider. Research work on cybersecurity frameworks. Ames (Iowa): Iowa State University, January 2020. http://dx.doi.org/10.31274/cc-20240624-1224.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Srinivasan, Piya. Strengthening cybersecurity frameworks remains a global challenge. Edited by Sam Hendricks. Monash University, December 2023. http://dx.doi.org/10.54377/d1ef-9335.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Pulivarti, Ronald. Genomic Data Cybersecurity and Privacy Frameworks Community Profile. Gaithersburg, MD: National Institute of Standards and Technology, 2024. https://doi.org/10.6028/nist.ir.8467.2pd.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

David, Aharon. Unsettled Topics Concerning Airport Cybersecurity Standards and Regulation. SAE International, September 2021. http://dx.doi.org/10.4271/epr2021020.

Full text
Abstract:
A large international airport is a microcosm of the entire aviation sector, hosting hundreds of different types of aviation and non-aviation stakeholders: aircraft, passengers, airlines, travel agencies, air traffic management and control, retails shops, runway systems, building management, ground transportation, and much more. Their associated information technology and cyber physical systems—along with an exponentially resultant number of interconnections—present a massive cybersecurity challenge. Unlike the physical security challenge, which was treated in earnest throughout the last decades, cyber-attacks on airports keep coming, but most airport lack essential means to confront such cyber-attacks. These missing means are not technical tools, but rather holistic regulatory directives, technical and process standards, guides, and best practices for airports cybersecurity—even airport cybersecurity concepts and basic definitions are missing in certain cases. Unsettled Topics Concerning Airport Cybersecurity Standards and Regulation offers a deeper analysis of these issues and their causes, focusing on the unique characteristics of airports in general, specific cybersecurity challenges, missing definitions, and conceptual infrastructure for the standardization and regulation of airports cybersecurity. This last item includes the gaps and challenges in the existing guides, best-practices, standards, and regulation pertaining to airport cybersecurity. Finally, practical solution-seeking processes are proposed, as well as some specific potential frameworks and solutions.
APA, Harvard, Vancouver, ISO, and other styles
5

Scarfone, Karen. Development of Relationship Mapping between Documentary Standards, Regulations, Frameworks, and Guidelines: Cybersecurity and Privacy Content Mapping. Gaithersburg, MD: National Institute of Standards and Technology, 2023. http://dx.doi.org/10.6028/nist.ir.8477.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Scarfone, Karen. Development of Relationship Mapping between Documentary Standards, Regulations, Frameworks, and Guidelines: Cybersecurity and Privacy Content Mapping. Gaithersburg, MD: National Institute of Standards and Technology, 2023. http://dx.doi.org/10.6028/nist.ir.8477.ipd.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Coyner, Kelley, and Jason Bittner. Automated Vehicles and Infrastructure Enablers: Cybersecurity. 400 Commonwealth Drive, Warrendale, PA, United States: SAE International, August 2024. http://dx.doi.org/10.4271/epr2024018.

Full text
Abstract:
<div class="section abstract"><div class="htmlview paragraph">While weaponizing automated vehicles (AVs) seems unlikely, cybersecurity breaches may disrupt automated driving systems’ navigation, operation, and safety—especially with the proliferation of vehicle-to-everything (V2X) technologies. The design, maintenance, and management of digital infrastructure, including cloud computing, V2X, and communications, can make the difference in whether AVs can operate and gain consumer and regulator confidence more broadly. Effective cybersecurity standards, physical and digital security practices, and well-thought-out design can provide a layered approach to avoiding and mitigating cyber breaches for advanced driver assistance systems and AVs alike. Addressing cybersecurity may be key to unlocking benefits in safety, reduced emissions, operations, and navigation that rely on external communication with the vehicle.</div><div class="htmlview paragraph"><b>Automated Vehicles and Infrastructure Enablers: Cybersecurity</b> focuses on considerations regarding cybersecurity and AVs from the perspective of V2X infrastructure, including electric charging infrastructure. These issues are examined in the context of initiatives in the US at all levels of government and regulatory frameworks in the UK, Europe, and Asia.</div><div class="htmlview paragraph"><a href="https://www.sae.org/publications/edge-research-reports" target="_blank">Click here to access the full SAE EDGE</a><sup>TM</sup><a href="https://www.sae.org/publications/edge-research-reports" target="_blank"> Research Report portfolio.</a></div></div>
APA, Harvard, Vancouver, ISO, and other styles
8

Petersen, Rodney, Danielle Santos, Matthew C. Smith, Karen A. Wetzel, and Greg Witte. Workforce Framework for Cybersecurity (NICE Framework). National Institute of Standards and Technology, November 2020. http://dx.doi.org/10.6028/nist.sp.800-181r1.

Full text
Abstract:
This publication from the National Initiative for Cybersecurity Education (NICE) describes the Workforce Framework for Cybersecurity (NICE Framework), a fundamental reference for describing and sharing information about cybersecurity work. It expresses that work as Task statements and describes Knowledge and Skill statements that provide a foundation for learners including students, job seekers, and employees. The use of these statements helps students to develop skills, job seekers to demonstrate competencies, and employees to accomplish tasks. As a common, consistent lexicon that categorizes and describes cybersecurity work, the NICE Framework improves communication about how to identify, recruit, develop, and retain cybersecurity talent. The NICE Framework is a reference source from which organizations or sectors can develop additional publications or tools that meet their needs to define or provide guidance on different aspects of cybersecurity education, training, and workforce development.
APA, Harvard, Vancouver, ISO, and other styles
9

Stouffer, Keith, Timothy Zimmerman, CheeYee Tang, Joshua Lubell, Jeffrey Cichonski, and John McCarthy. Cybersecurity framework manufacturing profile. Gaithersburg, MD: National Institute of Standards and Technology, September 2017. http://dx.doi.org/10.6028/nist.ir.8183.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Scarfone, Karen. NIST Cybersecurity Framework 2.0:. Gaithersburg, MD: National Institute of Standards and Technology, 2024. http://dx.doi.org/10.6028/nist.sp.1302.ipd.

Full text
APA, Harvard, Vancouver, ISO, and other styles
You might also be interested in the extended bibliographies on the topic 'Cybersecurity frameworks' for particular source types:
Journal articles Dissertations / Theses Books
We offer discounts on all premium plans for authors whose works are included in thematic literature selections. Contact us to get a unique promo code!

To the bibliography