tashatuvango - Fotolia
Every cybersecurity framework is different. Thus, each describes core components in its own way. That said, they're all built on similar principles, and they are used to achieve similar cybersecurity goals. While a specific cybersecurity framework goes into far greater detail in how it is constructed and designed, it loosely revolves around a continuous lifecycle process consisting of the following four key stages.
- Identify and document cybersecurity goals. This component is used to identify the cybersecurity goals an organization wants to achieve. Identified goals will be different for each organization. They are mostly dependent on the business's level of cybersecurity competency, overall business intent and whether the organization must meet specific goals due to regulatory requirements.
- Set guidelines designed to achieve cybersecurity goals. In this stage of a cybersecurity framework, a detailed list of functions, processes and actions are created that serve to achieve the goals outlined in the identification stage. This stage should also contain steps to prioritize goals and define roles and responsibilities for each defined objective.
- Implement cybersecurity processes. This is the action stage of the framework, where each goal is implemented within the enterprise infrastructure. Communication is crucial in this stage as applied cybersecurity processes often involve multiple areas or departments.
- Monitor and communicate results. Lastly, the implemented objectives are monitored, documented and reviewed to ensure the cybersecurity framework processes are effective. Results are appropriately communicated to the organization, and steps are taken to continuously improve existing processes and objectives.
Dig Deeper on Risk assessments, metrics and frameworks
Related Q&A from Andrew Froehlich
Audio and video conferencing each have benefits and drawbacks. Learn the difference between audio and video conferencing to decide which best suits ... Continue Reading
For some users, Zoom Meetings is all they will need; others may opt for Zoom Rooms. Learn about the features each service provides and the supported ... Continue Reading
Explore the steps organizations must take to upgrade their network infrastructure, including how to tell if an upgrade is necessary and how to ... Continue Reading