Appendix CStandards and References
There are several international and domestic standards and guidelines available to help organizations create and maintain the cybersecurity portion of their corporate policies and procedures. One of the driving forces in the ongoing development of cybersecurity initiatives in the United States is the National Institute of Standards and Technology (NIST).
These frameworks were developed to assist governmental and business organizations in the design and development of systems and techniques to provide security for their critical infrastructure. These guidelines were key references in the development of this Practical Industrial Cybersecurity book.
The following list identifies a few of the most commonly used guidelines:
- NIST SP 800-53, Security and Privacy Controls for Federal Information Systems and Organizations—Published by the National Institute of Standards and Technology, this is a US security standard created to provide a catalog of security and privacy controls for federal information systems and organizations and a process of selecting controls to protect organizational operations, assets, and the nation from a diverse set of threats, including hostile cyberattacks, natural disasters, structural failures, and human errors. See
https://nvd.nist.gov/800-53. - NIST Cybersecurity Framework (CSF)—The CSF consists of standards, guidelines, and best practices to promote the protection of critical infrastructure. The prioritized, flexible, ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access