Scribd
Upload
289 views

Cyber Security Policy Notes

The document discusses cyber security policy. It notes that cyber security involves controlling access to systems and networks to protect information. The role of professionals is to plan for attacks and prevent them from impacting physical systems and networks. Specific goals of cyber security policy are to prevent, detect, and respond to attacks in order to keep systems and networks safe. Policy must address tensions between functionality and security to achieve maximum productivity while regulating information distribution, protection, and safety according to laws, regulations, and enterprise policies. A cyber security policy provides guidelines for implementation through strategies like software, devices, awareness campaigns, or workshops, and should be flexible enough to change with technology and business needs.

Uploaded by

Raúl Cálcamo Alonzo
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
289 views

Cyber Security Policy Notes

The document discusses cyber security policy. It notes that cyber security involves controlling access to systems and networks to protect information. The role of professionals is to plan for attacks and prevent them from impacting physical systems and networks. Specific goals of cyber security policy are to prevent, detect, and respond to attacks in order to keep systems and networks safe. Policy must address tensions between functionality and security to achieve maximum productivity while regulating information distribution, protection, and safety according to laws, regulations, and enterprise policies. A cyber security policy provides guidelines for implementation through strategies like software, devices, awareness campaigns, or workshops, and should be flexible enough to change with technology and business needs.

Uploaded by

Raúl Cálcamo Alonzo
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 2

Cyber Security Policy Guidebook Notes

Cyber Security is the ability to control access to systems, networks and the
information and data in them
Role of a professional is to plan for potential attacks and prevent them
Applies to both physical systems and networks
The cyberspace is considered to be a fourth domain of nations
Specific goals:
-Prevent, detect, respond prevent all possible attacks (impossible), detect
ongoing ones and respond to those in order to keep the system and network safe
(includes repairing any damage left)
-People, process, technology routines the operators must follow in order to
keep technology working in optimal performance and as safely as possible
(collectively act, prevent social engineering)
-confidentiality, integrity, and availability ensure the authorization,
authenticity and precision of information

The Cyber Security Policy


Addresses the tension between cyber functionality and security with the objective of
achieving the maximum possible productivity
Regulations to concerning information distribution, protection and safety
There might be variations in the security policy from a company to another, a state
to another or a country to another. Dictate by
Laws and regulations: State lvl not always stablished through formal written
laws, but through reports and speeches that later might see themselves put
into a law
The US regulations on cyber security were not meant to be specifically
for cyber security issues, but emerged from policy enforcement laws
Enterprise policy: Companies: rules are usually formed in a more active
manner than governmental rules. They are meant to be followed upon thread
of sanction. Risks are usually assessed to mid-level managers. Employees
must make sure they comply with the legal and regulatory requirements; and
recommend their clients to model processes around them process
execution in specific ways.
Nowadays, technology is implemented using software and devices that
enforce security, taking reference from the specified standard.

Strategy versus Policy:


-The policy articulates the strategy to be followed in order to archieve the
cyber security goals and its constituents. This does not mean, however, that the
policy dictates an implementation standard; only that it sets the guidelines for the
implementation. A strategy may be anywhere from software implementation to an
awareness campaign and/or workshop

A policy should be flexible and open to change; revisited every time a situation
changes. However, it should be robust enough to withstand the ever-increasing
changes in technology and the growing desire of executives to expand their
productivity

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy