As our world gets increasingly digitized and interconnected, the threats of cyber-attacks rise with it. Organizations need resilient and secure systems and processes in place to protect them, and an effective solution is a cybersecurity framework. Two new ISO guidance documents have just been published to help organizations ensure the best possible frameworks and keep them cyber-secure.
Developed in collaboration with the International Electrotechnical Commission (IEC), ISO/IEC TS 27110, Information technology, cybersecurity and privacy protection – Cybersecurity framework development guidelines, specifies how to create or refine a robust system to protect against cyber-attacks.
Recognizing that many different cybersecurity frameworks exist, with highly diverse lexicons and conceptual structures, this technical specification intends to simplify the task for both creators and users by providing an internationally agreed minimum set of concepts and definitions that everyone can agree on. This then frees up valuable time for combating the real threats to cybersecurity rather than getting entangled up in the concepts and terminology.
ISO/IEC TS 27110 is complemented by ISO/IEC TS 27100, Information technology – Cybersecurity – Overview and concepts, which defines cybersecurity, establishes its context in terms of managing information security risks when information is in digital form, and describes relevant relationships including how cybersecurity is related to information security.
LiberoAssurance being an accredited certification body can provide certification services for your Information security management systems such as: