No tags yet.
The Cyber Security domain has been expanding at an accelerated pace over the past several years. With the introduction of digital, the domain has added a whole new dimension to itself. In recent years I have interacted with many business and technology leaders who are questioning how best to implement a comprehensive security program that is prudent as well as effective. Complexity can be detrimental to Information Security, putting all the pieces in place of the cybersecurity puzzle can quickly turn into a herculean task. So at the risk of oversimplification I have created the cybersecurity chakra in an attempt to improve clarity.
While the CIS top 20 controls (CSC) provide a good set of technical controls, it is limited in administrative assurances. On the other end, we have NIST 800-53 & ISO 27000 security frameworks with 100s of controls which can be very overwhelming. In my experience, these 43 controls can be a good starting point to help improve the effectiveness of your cybersecurity posture. The 360 Platform looks at the People, Process, Technology, and Organization with a goal to provide a comprehensive view of the various dimensions of a successful program. The goal here is to provide a simplified yet holistic view of the cybersecurity domain for Business Leaders to devise an effective security program. I hope you will find the chakra helpful and I welcome your queries and comments.
For more privacy related blogs visit:
CyberAdviser | Data Security Law | Ballard Spahr LLP (cyberadviserblog.com)