The Department of Commerce Provides Website Owners with High-Level Security Guidelines
Each function maps to key categories of desired outcomes (e.g., “Asset Management,” “Access Control”). Each category then expands to a series of more specific outcomes and technical/management activities. These are then tied to dozens of “informative references,” such as ISO/IEC, ISA, and COBIT, which are well-established implementation standards. The Framework doesn’t include specific practices or requirements. Instead, it’s meant to facilitate an iterative process that involves “detecting risks and constantly adjusting one’s security program and defenses.”
Companies that utilize the NIST Cyber Security Framework must comply with other respected entities and their related rules such as the FTC and the Payment Card Industry. Those that accept or process or provide technology in relation to payment card data must comply with specified Payment Card Industry (PCI) rules, including specific data security standards (PCI DSS) and implementation protocols.
Read the full article here:
Want More Security-Related Info? Check Out These Articles!
Hackers Are Able to Access Millions of Smart Phones!
Is Your Website Safe from Hackers?
Cyber Attacks in 2014 Cost the World $445 Billion