What is it about?
There are currently exist 12 cybersecurity frameworks by mean as policy template for policymaker and C-level to secure their virtual space. What are their differences? What are their commonalities? This paper brings those 12 various perspectives into a birds-eye-view.
Featured Image
Why is it important?
Our findings show that the various intentions of the frameworks can be cascaded with respect to four areas: 1) the promoted action, 2) the driver, 3) the framework milieu and 4) the audience. The frameworks can also be examined according to three common concepts: 1) shared actions, 2) cyber pillars and 3) the framework life cycle.
Perspectives
I write this paper since there are multiple-perspective not only on defining what cybersecurity is but also how cybersecurity policy is implemented. I noted that there are various documents called cybersecurity framework, but it spans from technical to policy. I tried to narrow down this definition by collecting only a document which is intended as a policy template and working on it. I compared and contrasted the documents, resulting there are 4 main characteristics of the frameworks, namely 1) the promoted action, 2) the driver, 3) the framework milieu and 4) the audience. I also distilled there are three common concepts: 1) shared actions, 2) cyber pillars and 3) the framework life cycle. I hope this paper benefit to policy-makers and C-Level who want to implement cybersecurity in their organisation by looking over the very top perspective. For people who want to seekor to develop generic cybersecurity framework can also take benefit from this paper since there is a summary of current cybersecurity framework.
Riza Azmi
University of Wollongong
Read the Original
This page is a summary of: Review of cybersecurity frameworks: context and shared concepts, Journal of Cyber Policy, May 2018, Taylor & Francis,
DOI: 10.1080/23738871.2018.1520271.
You can read the full text:
Contributors
The following have contributed to this page
