
25 Great but Little-known Cybersecurity Frameworks

1.0, 17.08.2023
| # | Framework | Current Revision | Organization | Country | Price |
|---|-----------|------------------|--------------|---------|-------|
| 1 | Information Security Manual (ISM) | 2023 | ACSC | Australia | Free |
| 2 | Essential Eight | 2023 | ACSC | Australia | Free |
| 3 | Baseline Cyber Security Controls for Small and Medium Organizations (CAN/CIOSC 104:2021) | 2021 | DGC | Canada | Free |
| 4 | Katakri 2020. Information security auditing tool for authorities | 2020 | NSA (Finland) | Finland | Free |
| 5 | ETSI TR 103 305-1 (set). Cyber Security (CYBER); Critical Security Controls for Effective Cyber Defence; Part 1: The Critical Security Controls | v.4.1.2, 2022 | ETSI | France | Free |
| 6 | Controlling the digital risk. The trust advantage | 2019 | ANSSI and AMRAE | France | Free |
| 7 | IT-Grundschutz (set) | 1.0, 2017 | BSI | Germany | Free |
| 8 | Guideline "State of the art". Technical and organisational measures | 2023 | TeleTrusT & ENISA | Germany | Free |
| 9 | Cybersecurity Management Guidelines for Japanese Enterprise Executives | 3.0, 2023 | METI & IPA | Japan | Free |
| 10 | ISO/IEC TS 27110:2021 Information technology, cybersecurity and privacy protection — Cybersecurity framework development guidelines | 2021 | ISO | International, Switzerland | CHF124 ($140) |
| 11 | Standard of Good Practice for Information Security (SoGP) | 2022 | ISF | International, USA | For members |
| 12 | COBIT Focus Area: Information Security | 2020 | ISACA | International, USA | $90 |
| 13 | HITRUST CSF (Common Security Framework) | v.11.1, 2023 | HITRUST | International, USA | Free |
| 14 | Open Information Security Management Maturity Model (O-ISM3) | 2.0, 2017 | Open Group | International | Free |
| 15 | New Zealand Information Security Manual (NZISM) | 3.6, 2022 | New Zealand Government | New Zealand | Free |
| 16 | Qatar 2022 Cybersecurity Framework | 1.0, 2018 | SCDL | Qatar | Free |
| 17 | Essential Cybersecurity Controls (ECC) (set) | 2018 | NCA | Saudi Arabia | Free |
| 18 | Cyber Security Framework (by SAMA) | 1.0, 2017 | SAMA | Saudi Arabia | Free |
| 19 | Cyber Essentials: Requirements for IT infrastructure | 3.1, 2022 | NCSC | UK | Free |
| 20 | Cyber Assessment Framework (CAF) | 3.1, 2022 | NCSC | UK | Free |
| 21 | Cybersecurity Capability Maturity Model (C2M2) | 2.1, 2022 | CESER | USA | Free |
| 22 | Cyber Essentials Toolkits (set) | 2020? | CISA | USA | Free |
| 23 | Cybersecurity Maturity Model Certification (CMMC) | 2.0, 2021 | Department of Defense | USA | Free |
| 24 | Equifax Security Controls Framework | 2.0, 2022 | Equifax | USA | Free |
| 25 | Common Sense Guide to Mitigating Insider Threats | v.7, 2022 | CMU | USA | Free |
by Andrey Prozorov, CISM, CIPP/E, CDPSE, LA 27001
www.patreon.com/AndreyProzorov
Links:
1. ISM: https://www.cyber.gov.au/resources-business-and-government/essential-cyber-security/ism
2. Essential Eight: https://www.cyber.gov.au/resources-business-and-government/essential-cyber-security/essential-eight/essential-eight-assessment-process-guide
3. CAN/CIOSC 104:2021: https://dgc-cgn.org/standards/find-a-standard/standards-in-cybersecurity/cybersecurity-smes
4. Katakri: https://um.fi/information-security-auditing-tool-for-authorities-katakri
5. ETSI: https://www.etsi.org/committee/cyber
6. IT-Grundschutz: https://www.bsi.bund.de/EN/Themen/Unternehmen-und-Organisationen/Standards-und-Zertifizierung/IT-Grundschutz/it-grundschutz_node.html
7. Controlling the digital risk: https://www.ssi.gouv.fr/guide/controlling-the-digital-risk-the-trust-advantage
8. "State of the art" in IT security: https://www.teletrust.de/en/publikationen/broschueren/state-of-the-art-in-it-security
9. Japanese Guidelines: https://www.meti.go.jp/policy/netsecurity/mng_guide.html
10. ISO 27110: https://www.iso.org/standard/72435.html
11. ISF SoGP: https://www.securityforum.org/solutions-and-insights/standard-of-good-practice-for-information-security
12. COBIT Focus Area: Information Security: https://store.isaca.org/s/store#/store/browse/detail/a2S4w000004Ko9hEAC
13. HITRUST: https://hitrustalliance.net/product-tool/hitrust-csf
14. O-ISM3: https://publications.opengroup.org/c17b
15. NZISM: https://nzism.gcsb.govt.nz
16. Qatar 2022 Cybersecurity Framework: https://www.qatar2022.qa/sites/default/files/Qatar2022Framework.pdf
17. Essential Cybersecurity Controls (ECC): https://nca.gov.sa/en/legislation
18. SAMA: https://www.sama.gov.sa/en-US/RulesInstructions/CyberSecurity/Cyber%20Security%20Framework.pdf
19. NCSC Cyber Essentials: https://www.ncsc.gov.uk/cyberessentials/overview
20. CAF: https://www.ncsc.gov.uk/collection/caf
21. C2M2: https://www.energy.gov/ceser/cybersecurity-capability-maturity-model-c2m2
22. CISA Cyber Essentials
    CISA Cyber Essentials Starter Kit: https://www.cisa.gov/resources-tools/resources/cisa-cyber-essentials-starter-kit
    Cyber Essentials Toolkits: https://www.cisa.gov/resources-tools/resources/cyber-essentials-toolkits
23. CMMC: https://dodcio.defense.gov/CMMC
24. Equifax: https://controlsframework.equifax.com/home
25. Insider Threats Guide: https://resources.sei.cmu.edu/library/asset-view.cfm?assetid=886874
26. NCSC Cyber Security Framework (beta): https://www.ncsc.govt.nz/resources/ncsc-cyber-security-framework
27. Cyber Security Body of Knowledge (CyBOK): https://www.cybok.org
