Pragmatic Risk-Based Approach to Cybersecurity: Establishing a Risk-Enhanced Unified Set of Security Controls
Abstract
Sometimes security and technology professionals confuse their state of compliance with their security posture. While an organization can meet the requirements of any regulatory standard (HIPAA, SOC, etc.), doing so should not be construed as meeting the requirements to defend against a potential cyberattack, provide data protection during business processing, or maintain a highly secure development environment. In this chapter, the authors discuss how security and compliance can co-exist. They associate each of these with controls that are either derived from formal frameworks or meet custom operational or other requirements of an organization. They explore how each control needs to be implemented with a risk perspective in mind, and finally, they suggest methods for managing such a control catalog.