Here are the 4 Main Purposes and Features of Cyber Security Principles:
The cyber security principles
Purpose of the cyber security principles
The purpose of cyber security principles is to provide strategic guidance on how an organization can protect its systems and data from cyber threats. These cyber security principles are grouped into four key activities: govern, protect, detect and respond.
Govern: Identifying and managing security risks.
Protect: Implementing controls to reduce security risks.
Detect: Detecting and understanding cyber security events to identify cyber security incidents.
Respond: Responding to and recovering from cyber security incidents.
1) GOVERN PRINCIPLES
The governing principles are:
G1: A Chief Information Security Officer is in charge of leading cyber security and keeping an eye on it.
G2: The value and identity of systems, applications, and data are found and written down.
G3: The requirements for privacy, security, and availability of systems, applications, and data are set and written down.
G4: Processes for managing security risks are built into frameworks for managing risks in an organization.
G5: Security risks are found, written down, managed, and accepted both before systems and apps are given permission to be used and while they are in use.
2) PROTECT PRINCIPLES
The protection principles are:
P1: Systems and applications are designed, deployed, maintained, and shut down based on their value and the requirements for their availability, confidentiality, and integrity.
P2: Trusted suppliers deliver and support systems and applications.
P3: Systems and applications are set up to make them harder to break into.
P4: Systems and apps are managed in a way that is safe and accountable.
P5: Security holes in systems and applications are found and fixed as soon as possible.
P6: Only operating systems, applications, and computer code that can be trusted and are supported can run on systems.
P7: Data is encrypted both when it is at rest and when it is moving from one system to another.
P8: Data sent from one system to another is controlled and can be checked.
P9: Data, programs, and configuration settings are backed up regularly, safely, and reliably.
P10: Only people who have been trusted and checked out can get into systems, applications, and data stores.
P11: Employees are only given access to systems, applications, and data stores that they need to do their jobs.
P12: There are many ways to find out who is using systems, applications, and data repositories and make sure they are who they say they are.
P13: The staff gets ongoing training on cyber security awareness.
P14: Only authorized people can physically get into systems, their supporting infrastructure, and facilities.
3) DETECT PRINCIPLES
The detection principles are:
D1: Cyber security events are found by collecting and analyzing event logs in a timely way.
D2: Cyber security events are looked at quickly so that cyber security incidents can be found.
4) RESPOND PRINCIPLES
The response principles are:
R1: Cyber security problems are quickly reported inside and outside the organization to the right people or groups.
R2: Cyber security incidents are quickly stopped, fixed, and recovered from.
R3: Plans for business continuity and disaster recovery are implemented when needed.
Maturity modeling
When putting the cyber security principles into action, an organization can use the following maturity model to measure how well each principle, group of principles, or the principles as a whole are being put into action. The five stages in the maturity model are:
Incomplete
The cyber security principles are only partly or not at all put into practice.
First, the cyber security principles are used, but not well or in a consistent way.
Developing
The cyber security principles are put into place well, but it depends on the project.
Managing
The cyber security principles have become standard business practices and are robustly put into place throughout the whole organization.
Optimizing
When it comes to putting cyber security principles into action across the organization, there is a clear focus on optimization and continuous improvement.