Appendix C Standards and References
There are several international and domestic standards and guidelines available to help organizations create and maintain the cybersecurity portion of their corporate policies and procedures. One of the driving forces in the ongoing development of cybersecurity initiatives in the United States is the National Institute of Standards and Technology (NIST).
These frameworks were developed to assist governmental and business organizations in the design and development of systems and techniques to provide security for their critical infrastructure. These guidelines were key references in the development of this Practical Industrial Cybersecurity book.
The following list identifies a few of the most commonly used guidelines:
- NIST SP 800-53, Security and Privacy Controls for Federal Information Systems and Organizations—Published by the National Institute of Standards and Technology, this is a US security standard created to provide a catalog of security and privacy controls for federal information systems and organizations and a process of selecting controls to protect organizational operations, assets, and the nation from a diverse set of threats, including hostile cyberattacks, natural disasters, structural failures, and human errors. See https://nvd.nist.gov/800-53.
- NIST Cybersecurity Framework (CSF)—The CSF consists of standards, guidelines, and best practices to promote the protection of critical infrastructure. The prioritized, flexible, ...