Understanding CsP-MICS (NexusFour) Model and

Cybersecurity Resilience Framework

CsP-MICS
(NexusFour) Model Cybersecurity Resilience Framework

ACIS Cyber LAB Team

Paradigm Shift in Cybersecurity

From Time-based Security To Responsive Security
S-M-C-I (Social, Mobile,
Cloud and Information/Big Data) The Nexus of Disruptive
Forces
Social, Mobile, Cloud and

Information/Big Data
( 1 2)
Nexus of Disruptive Forces

S-M-C-I (Privacy)
(Privacy) (Security)
Internet of Things (IoT)

1 : Gartners The Nexus of Disruptive Forces : S-M-C-I (Social, Mobile, Cloud and Information/Big Data)

 2 : ACIS-Cybertron CsP-MICS (NexusFour) Model

 ACIS-Cybertron CsP-MICS (NexusFour) Model

3 : Information Security Forum (ISF), Cybersecurity and Cyber Resilience Model

Model Information Security Forum (ISF) Cyber

Security Cyber Resilience
3 ( 3)

Information Security Cyber Security
Cyber
Resilience

ISO/IEC 27001 ISMS (Information Security
Management System)

(Cyber Security) ISO/IEC 27001 ISO/IEC

27032 Guidelines for Cybersecurity

(Cyber
Resilience) (Unknown
Threats) ( 4)
Unknown Threat (Cyber Attack)

Cyber Resilience
(Protective Security) (Responsive Security)

Security Incident Data Breach

4 : Undefined Unknown Threats at Risk

 5 : ISACAs The Cybersecurity Resilience Life Cycle

model The Cybersecurity Resilience Life Cycle

ISACA ( 5) model Cybersecurity Nexus: The
Cybersecurity Resilience Life Cycle ISACA ( 5) ISACA
ISO 22301 Business
Continuity Management System (BCMS) (Incident
Management) (Crisis Management)
Organizational Resilience


Cybersecurity Resilience

model
ISF Cybersecerity Resilience
ACIS Cybertron
ACIS-Cybertron Cybersecerity Resilience Framework
8
1. ISF
Cyber Security Strategy
2. ISACA
Cyber Security Nexus (CSX)
3. ISO
ISO/IEC 27032:2012, Information
technology -- Security techniques -- Guidelines for
Cybersecurity
4. NICE
National Cybersecurity Workforce
Framework
5. NIST
NIST Cybersecurity Framework
6. US-CERT
Cyber Resilience Review (CRR)
7. ENISA
National Cyber Security Strategies
8. ITU
National Cyber Security Strategies Guide
2 Time Based Security Winn
Schwartau Responsive Security Dr. Meng Chow Kang
Framework ( 6)

 6 : ACIS-Cybertron Cybersecerity Resilience Framework

 7 : ACIS-Cybertron Cybersecerity Resilience Framework

ACIS-Cybertron Cybersecerity Resilience Framework (

7) ACIS Cybertron I-P-D-R-R
NIST Cybersecerity Framwork
3 Identify &
Protect Detect Respond Identify &
Protect

Detect
(before security incident/data
breach) 24
Respond

 (after security incident/data breach)

ACIS-Cybertron Cybersecerity
Resilience Framework

8 : The Real Meaning of Cybersecurity

(source : Cybersecurity for Executive book by Gregory J. Touhill and

C. Joseph Touhill)
ACIS-Cybertron Cybersecerity
Resilience Framework
( 8)


(Reputational Risk)
24 Full Time Activity
(Monitor and
Detect) 24

Cybersecurity Outsourcing
3rd Party Managed Security Service
Provider (MSSP)
Public Cloud

Economy of Scale

Data Center,
Servers, Firewall, Anti-DDoS Attack devices
Public Cloud

(Security) (Privacy) ( 9)

9 : Trusted Cloud Principles (source : Trusted Cloud Initiative : CSA & Microsoft)

(Security)
(Privacy)

( 10)

 10 :

Holistic Conceptual Thinking View of ACIS-Cybertron Cybersecurity Resilience Framework

1. (Security) 2. (Privacy)
3. (Trust)
Trust Trust
Security Privacy
4.
(Cybersecurity Resilience) 5.
(Sustainability)
ACIS-Cyberton Cybersecerity
Resilience Framework
Resilience Sustainability

 11 : ACIS Top Ten IT & Cybersecurity Threats and Trends for 2016

. 2016 (
11)
eLeader Top Ten IT &
Cybersecurity Threats and Trends for 2016