preliminary-cybersecurity-framework

《preliminary-cybersecurity-framework》由会员上传分享，免费在线阅读，更多相关内容在学术论文-天天文库。

1、1ImprovingCriticalInfrastructureCybersecurityExecutiveOrder13636PreliminaryCybersecurityFrameworkPreliminaryCybersecurityFramework2NotetoReviewers3ThePreliminaryCybersecurityFrameworkforimprovingcriticalinfrastructurecybersecurityis4nowavailableforreview.ThePrel

2、iminaryCybersecurityFrameworkisprovidedbytheNational5InstituteofStandardsandTechnology(NIST).6IftheCybersecurityFrameworkistobeeffectiveinhelpingtoreducecybersecurityrisktothe7Nation’scriticalinfrastructure,itmustbeabletoassistorganizationsinaddressingavarietyof

3、8cybersecuritychallenges.TheNationalInstituteofStandardsandTechnology(NIST)requests9thatreviewersconsiderthefollowingquestions:10DoesthePreliminaryFramework:11adequatelydefineoutcomesthatstrengthencybersecurityandsupportbusiness12objectives?13enablecost-effect

4、iveimplementation?14appropriatelyintegratecybersecurityriskintobusinessrisk?15providethetoolsforseniorexecutivesandboardsofdirectorstounderstandrisksand16mitigationsattheappropriatelevelofdetail?17providesufficientguidanceandresourcestoaidbusinessesofallsize

5、swhilemaintaining18flexibility?19providetherightlevelofspecificityandguidanceformitigatingtheimpactof20cybersecuritymeasuresonprivacyandcivilliberties?21expressexistingpracticesinamannerthatallowsforeffectiveuse?2223WillthePreliminaryFramework,aspresented:24b

6、einclusiveof,andnotdisruptiveto,effectivecybersecuritypracticesinusetoday,25includingwidely-usedvoluntaryconsensusstandardsthatarenotyetfinal?26enableorganizationstoincorporatethreatinformation?2728IsthePreliminaryFramework:29presentedattherightlevelofspecific

7、ity?30sufficientlyclearonhowtheprivacyandcivillibertiesmethodologyisintegratedwith31theFrameworkCore?32Disclaimer33Anymentionofcommercialproductsisforinformationonly;itdoesnotimplyNIST34recommendationorendorsement,nordoesitimplythattheproductsmentionedarenecess

8、arily35thebestavailableforthepurpose.iPreliminaryCybersecurityFramework36TableofContents371.0FrameworkIntroduction....................................................