tashatuvango - Fotolia

Q
Get started Bring yourself up to speed with our introductory content.

What are the core components of a cybersecurity framework?

Cybersecurity frameworks differ from one company to another, but each plan has four fundamental stages. Find out what you need to know.

Every cybersecurity framework is different. Thus, each describes core components in its own way. That said, they're all built on similar principles, and they are used to achieve similar cybersecurity goals. While a specific cybersecurity framework goes into far greater detail in how it is constructed and designed, it loosely revolves around a continuous lifecycle process consisting of the following four key stages.

  1. Identify and document cybersecurity goals. This component is used to identify the cybersecurity goals an organization wants to achieve. Identified goals will be different for each organization. They are mostly dependent on the business's level of cybersecurity competency, overall business intent and whether the organization must meet specific goals due to regulatory requirements.
  2. Set guidelines designed to achieve cybersecurity goals. In this stage of a cybersecurity framework, a detailed list of functions, processes and actions are created that serve to achieve the goals outlined in the identification stage. This stage should also contain steps to prioritize goals and define roles and responsibilities for each defined objective.
  3. Implement cybersecurity processes. This is the action stage of the framework, where each goal is implemented within the enterprise infrastructure. Communication is crucial in this stage as applied cybersecurity processes often involve multiple areas or departments.
  4. Monitor and communicate results. Lastly, the implemented objectives are monitored, documented and reviewed to ensure the cybersecurity framework processes are effective. Results are appropriately communicated to the organization, and steps are taken to continuously improve existing processes and objectives.
This was last published in June 2019

Dig Deeper on Risk assessments, metrics and frameworks

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

How is a cybersecurity strategy useful to your organization?
Cancel

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly.com

Close