Chapter 3

Cybersecurity Framework

Chapter Objectives

After reading this chapter and completing the exercises, you will be able to do the following:

  • Understand confidentiality, integrity, and availability (the CIA security model).

  • Describe the security objectives of confidentiality, integrity, and availability.

  • Discuss why organizations choose to adopt a security framework.

  • Understand the intent of the National Institute of Standards and Technology (NIST) Cybersecurity Framework.

  • Understand the intent of the ISO/IEC 27000-series of information security standards.

  • Outline the domains of an information security program.

Our focus in this chapter on information security objectives and framework will answer the following (and many other) questions ...

Get Developing Cybersecurity Programs and Policies, Third Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.