The Department of Homeland Security (DHS) and the National Institutes of Standards and Technology (NIST) have jointly classified cybersecurity practices into nine categories as bases for cyber performance goals.
The nine categories each have specific objectives with regard to how secure control systems are operated and deployed, NIST said Thursday. The two agencies expect these goals to help organizations adopt effective cyber practices and controls.
This partnership aligns with President Biden’s memorandum that aims to foster cybersecurity improvement across critical infrastructure control systems.
The nine category-based goals are:
- Architecture and Design
- Configuration and Change Management
- Continuous Monitoring and Vulnerability Management
- Incident Response and Recovery
- Physical Security
- Risk Management and Cybersecurity Governance
- Supply Chain Risk Management
- System and Data Integrity, Availability and Confidentiality
- Training and Awareness
The Cybersecurity and Infrastructure Security Agency released a preliminary list of the goals earlier.
If you are interested in learning more about the current landscape of cybersecurity, check out ExecutiveBiz's event titled “Supply Chain Cybersecurity: Revelations and Innovations” on Oct. 26th.