Author(s):
Secondary Title
Springer International Publishing
Abstract
The chapter addresses the Information Security Management System (ISMS) establishment approach, ensuring necessary controls to avoid widespread cybersecurity threats nowadays. The most common attack vectors and techniques of the last three years were analyzed in this chapter to define a set of information security practices, which can minimize risks related to modern cybersecurity threats.
Concluding remarks
Conducted analysis of cybersecurity frameworks such as ISO 27001/2, CIS Top 18, NIST 800-53, and their differentiators. An ISMS establishment algorithm is proposed in this chapter with a detailed explanation of each phase and controls required for system implementation. The document defines cybersecurity technologies for management systems are determined based on the infrastructure type. The documentation management framework and risk management methodology are proposed and analyzed modern awareness strategies and defined education roadmap for ISMS roles.
Reference details
DOI
10.1007/978-3-030-92435-5_15
Resource type
Miscellaneous
Year of Publication
2021
ISSN Number
1876-1100
Publication Area
Cybersecurity and defense
Date Published
2021-12-10
How to cite this reference:
Susukailo, V., Opirsky, I., & Yaremko, O. (2021). Methodology of ISMS Establishment Against Modern Cybersecurity Threats. https://doi.org/10.1007/978-3-030-92435-5_15 (Original work published)