NIST CyberSecurity Framework Compliance: A Generic Model for Dynamic Assessment and Predictive Requirements

Teodoro, Nuno; Gonçalves, Luís Jorge; Serrão, Carlos

doi:10.1109/trustcom.2015.402

Cited by 9 publications

(2 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…According to the NIST framework [36], the lifecycle of cyberthreat mitigation strategies consists of five phases: identify, protect, detect, respond, and recover (see Figure 2). Each of these phases plays a vital role in sustainable cybersecurity.…”

Section: Cyber-risks and Preventive Strategiesmentioning

confidence: 99%

Toward a Sustainable Cybersecurity Ecosystem

et al. 2020

View full text Add to dashboard Cite

Cybersecurity issues constitute a key concern of today’s technology-based economies. Cybersecurity has become a core need for providing a sustainable and safe society to online users in cyberspace. Considering the rapid increase of technological implementations, it has turned into a global necessity in the attempt to adapt security countermeasures, whether direct or indirect, and prevent systems from cyberthreats. Identifying, characterizing, and classifying such threats and their sources is required for a sustainable cyber-ecosystem. This paper focuses on the cybersecurity of smart grids and the emerging trends such as using blockchain in the Internet of Things (IoT). The cybersecurity of emerging technologies such as smart cities is also discussed. In addition, associated solutions based on artificial intelligence and machine learning frameworks to prevent cyber-risks are also discussed. Our review will serve as a reference for policy-makers from the industry, government, and the cybersecurity research community.

show abstract

Section: Cyber-risks and Preventive Strategiesmentioning

confidence: 99%

Toward a Sustainable Cybersecurity Ecosystem

et al. 2020

View full text Add to dashboard Cite

show abstract

“…In [7], the authors proposed a method to select measures which evaluate the gap between the current and the target states based on the NIST CSF risk Tiers. In [8], on the other hand, the authors highlighted the need for Compliance Assessment in order to reduce the gap in the Processes pillar (one of three pillars including Human Resources and Technology). Therefore, they proposed a model that is generic to allow for overall compliance evaluation.…”

Section: Related Workmentioning

confidence: 99%

Information Security Maturity Model for Nist Cyber Security Framework

Almuhammadi¹,

Alsaleh²

2017

Computer Science &Amp; Information Technology (CS &Amp; IT)

View full text Add to dashboard Cite

The National Institute of Standards and Technology (NIST) has issued a framework to provide guidance for organizations within critical infrastructure sectors to reduce the risk associated with cyber security. The framework is called NIST Cyber Security Framework for Critical Infrastructure (CSF). Many organizations are currently implementing or aligned to different information security frameworks. The implementation of NIST CSF needs to be aligned with and complement the existing frameworks. NIST states that the NIST CSF is not a maturity framework. Therefore, there is a need to adopt an existing maturity model or create one to have a common way to measure the CSF implementation progress. This paper explores the applicability of number of maturity models to be used as a measure to the security poster of organizations implementing the NIST CSF. This paper reviews the NIST CSF and compares it to other information security related frameworks such as COBIT, ISO/IEC 27001 and the ISF Standard of Good Practice (SoGP) for Information Security. We propose a new information security maturity model (ISMM) that fills the gap in the NIST CSF.

show abstract