Posted: September 22nd, 2022

Compare and contrast the following six security frameworks

Compare and contrast the following six security frameworks for addressing the cybersecurity threat
Laptop Sciences and Info Expertise

Compare and contrast the following six security frameworks for addressing the cybersecurity threat
Cybersecurity dangers and threats have been constantly growing and inflicting substantial injury inclining the Info security professionals and groups to develop totally different security frameworks to counter the dangers and threats. The varied cybersecurity frameworks embrace NIST Danger Administration Framework (RMF), ISACA IT Danger Administration Lifecycle, CIS High 20 Security Controls, ISO IEC 27001/27002, Cost Card Business Knowledge Security Customary (PCI DSS), and HITRUST Frequent Security Framework (HITRUST CSF). The totally different cybersecurity frameworks are totally different or related of their operations thus elevating variations in effectiveness to counter threats and dangers (Shackelford et al., 2015). The variations in the cybersecurity frameworks make them be employed in another way in varied roles, duties, and tasks on account of the variations in functionality. On this case, one framework is healthier than the others in effectiveness prompting the totally different security frameworks to be employed in several methods comparable to prevention of cyber-attacks, decreasing the impression after an assault and thus one must undertake the greatest cybersecurity framework. Totally different cyber security frameworks have variations thus they’re used in another way when it comes to roles and tasks.
1. Is one framework higher (i.e., simpler) than the others?
The totally different cyber security frameworks have variations that make them higher than one another in countering totally different dangers and threats. The variations in the frameworks are marked from the benefits/advantages or disadvantages of each cybersecurity framework in the course of stopping organizations from cyber-attacks, threats, and dangers. In establishing a greater framework than the different one wants to determine its capabilities, its operations and, benefits in countering basic or particular cyber-related threats and dangers. The perfect cybersecurity framework amongst the six cybersecurity frameworks is the NIST Danger Administration Framework (RMF) on account of its capabilities and advantages in countering cyber-related threats and dangers. The danger administration framework takes the specification and collection of security controls for an organizational system as a part of the organizational-wide data and belongings security applications that contain the efficient administration of dangers (Ting and Comings, 2010). The dangers and threats in a corporation are eradicated and averted by means of operations inside the system. The administration of organizational threat is a major facet of the organizational data security program and provides an efficient framework for choosing efficient security controls in respect of the sort of assaults, dangers, and threats concerned. Underneath the RFM the safety of individuals, belongings, and operations inside the organizations is completed successfully by means of determination making to undertake the simplest countermeasure thus making the cybersecurity framework the most interesting amongst others. Moreover, the RMF gives a system that integrates and incorporates threat and security administration in the system growth life cycle. The danger-based method to eliminating dangers and adoption of specification and security management choice components in the laws, requirements, insurance policies, government orders, directives, and the relevant legal guidelines to make sure that the method achieves its objectives successfully and effectively devoid of boundaries. Furthermore, the RMF is operated in steps and processes that embrace assessing controls, authorization of the system, monitoring of the controls, categorizing of the system collection of the management and the implementation of the controls the objectives and targets are systematically achieved. Subsequently, the RFM framework will be successfully adopted in several organizations to eradicate and neutralize cybersecurity dangers and threats in organizations.
2. Would the implementation of any of the frameworks have prevented a latest cyber-attack in the information?
The cybersecurity frameworks must be adopted to stop the assaults, dangers, and threats in organizations. In recent times cyber-attacks and threats have been efficiently carried out thus adversely affecting the victims and thus efficient cybersecurity frameworks must be adopted to stop such and associated dangers in the future. For example, the American Medical Assortment Company (AMCA) reported that the billing service vendor for the healthcare trade was uncovered to the hackers between August and March. The hacking resulted in the affected person knowledge being compromised leading to the uncertainty of many individuals. On this regard, such dangers must be prevented by adopting ISACA IT Danger Administration Lifecycle. Underneath the Danger Administration Lifecycle (RML), an finish to finish and complete threat safety in the group is enhanced in all the processes and capabilities thus successfully stopping dangers and threats (Hersyah, Mohammad, Kridanto and Surendro, 2013). Dangers are regular in organizations and they need to be managed by appearing on them earlier than they have an effect on the enterprise operations. Underneath the RML threat IT the framework is based on a set of guiding rules for efficient administration of dangers in the course of regular operations. The framework affords a complete framework for the management and governance of IT- and business-driven options and providers. This framework ensures that dangers are recognized early upfront making it attainable to governs and handle them in the curiosity of threat mitigation. Correct administration of threat is critical to stopping or neutralizing dangers thus guaranteeing that the organizations’ capabilities, processes, and operations are protected and shielded from dangers and threats. Subsequently, the AMCA must undertake the ISACA IT Danger Administration Lifecycle to successfully handle dangers thus guaranteeing that future dangers are mitigated and the organizational operations and capabilities are protected and safe.
three. May they’ve decreased the impression on organizations?
In the incident of the AMCA hacking assault, the group might have successfully decreased the impression of the assault by adopting an efficient cybersecurity framework. In the first place, the hacking incident at the AMCA uncovered the confidential knowledge of sufferers thus making them susceptible. Medical data, social security numbers, monetary knowledge, and private knowledge was uncovered and landed on the arms of the unauthorized third social gathering thus leaving the sufferers uncovered and susceptible. Moreover, AMCA companions comparable to the QQuest Diagnostic, LabCorp, Penobscot Group Well being Middle, South Texas Dermatopathology, Natera and Scientific Pathology Laboratories had been affected on account of the twelve million information being compromised. On this regard, the AMCA dad or mum firm filed for chapter and the companions are going through lawsuits and investigations. Subsequently, the hacking incident left a devastating impression that might have been successfully prevented in the case AMCA had the ISACA IT Danger Administration Lifecycle cybersecurity framework in operation. First, the RML framework would have successfully recognized the hacking operations upfront thus guaranteeing that efficient countermeasures had been adopted. This truth considerably reduces the impression of the assault to the level of the group redeeming itself (Carcary, 2013). Consequently, the RML cybersecurity framework would have made it attainable to trace and ahead the attackers to the related legislation enforcement businesses to make sure that the compromised knowledge wouldn’t be used towards any social gathering. The monitoring and arresting of the hackers would be certain that the stolen knowledge is retrieved from the arms of the hackers thus restoring the organizations’ operations. Moreover, the cybersecurity framework enhances the identification of loopholes and vulnerabilities in the AMCA system and community thus successfully eliminating the dangers to the level of decreasing the impacts of the assault.
four. Which one would work greatest in your office group?
CIS High 20 Security Controls can be the simplest cybersecurity framework to boost the security and safety of the group in addition to eradicate any dangers and threats. CIS High 20 Security Controls cybersecurity has a variety of capabilities thus cowl totally different operations regarding eliminating and neutralizing threats and dangers to the organizational personnel, data and belongings. First, the framework enhances steady vulnerability administration to make sure that there are not any gaps or loopholes thus stopping any assault (Shamma, 2018). The system and community have vulnerabilities which might be created sometimes thus permitting threats to happen. The vulnerabilities and loopholes are constantly solved and sealed making it exhausting for unauthorized events to have unlawful entry into the system or the community. Consequently, the framework enhances malware defenses, knowledge safety, and boundary defenses to make sure the organizational system and the community is infiltrated at the expense of a corporation. The attackers and hackers have devised other ways of implementing assaults and thus they organizations want to plan countermeasures to successfully eradicate threats. The totally different defenses be certain that attackers don’t use worms, viruses, and malware at the expense of the organizations. The varied defenses are able to detecting intrusion of the malware, viruses, and worms in addition to assaults directed at accessing confidential data illegally. Moreover, the framework incorporates the Incident Response and Administration (IRM) to make sure that dangers and assaults which were carried out in the system will be successfully managed to make sure that they’re neutralized. The IRM reduces the antagonistic impacts of the dangers by taking management of the security incidences to make sure they’re amicably solved to the benefit of the affected group.
Conclusion
Totally different cybersecurity frameworks must be adopted in a selective solution to handle varied cybersecurity assaults, threats, and dangers. The varied cybersecurity frameworks have totally different traits that make them match to handle specified cybersecurity threat and assault points. The totally different frameworks have totally different options, advantaged and disadvantages that make them distinctive in addressing varied security points. The evaluating and contrasting the totally different cybersecurity frameworks enhances the allows one to resolve on the greatest framework for use in several instances. On this regard, the comparability and contrasting revealed that the NIST Danger Administration Framework (RMF) was the greatest framework as in comparison with the others. Consequently, the analysis revealed that the ISACA IT Danger Administration Lifecycle framework would have prevented and decreased the impression of a cyber-attack on the American Medical Assortment Company (AMCA) to make sure that the group would recuperate from the assault. Moreover, the comparability and contrasting revealed that the bests cybersecurity framework for the group can be CIS High 20 Security Controls for it has totally different methods that may successfully cowl the group from any cyber-attacks, threat or menace. Subsequently, there’s a have to successfully make decisions of the cybersecurity frameworks to be adopted in defending the organizational operations to make sure that personnel, data, and belongings are protected.

References
Shamma, B. (2018). Implementing CIS Important Security Controls for Organizations on a Low-Funds (Doctoral dissertation).
Carcary, M. (2013). IT threat administration: A functionality maturity mannequin perspective. Digital Journal of Info Programs Analysis, 16(1), three.
Hersyah, M. H., & Surendro, Okay. (2013, June). ICT threat administration functionality dimension for sensible schooling: A two dimensional method. In Worldwide Convention on ICT for Sensible Society (pp. 1-5). IEEE.
Shackelford, S. J., Proia, A. A., Martell, B., & Craig, A. N. (2015). Towards a world cybersecurity commonplace of care: Exploring the implications of the 2014 NIST cybersecurity framework on shaping affordable nationwide and worldwide cybersecurity practices. Tex. Int’l LJ, 50, 305.
Ting, W. W., & Comings, D. R. (2010). Info assurance metric for assessing NIST’s monitoring step in the threat administration framework. Info Security Journal: A International Perspective, 19(5), 253-262.

Image

Retrieved from: https://csrc.nist.gov/initiatives/risk-management/risk-management-framework-(RMF)-Overview
The above image exhibits the steps of implementing the Danger administration framework.

Order | Check Discount

Tags: Compare and contrast the following six security frameworks