Chapter 3

Cybersecurity Framework

Chapter Objectives

After reading this chapter and completing the exercises, you will be able to do the following:

  • Understand confidentiality, integrity, and availability (the CIA security model).

  • Describe the security objectives of confidentiality, integrity, and availability.

  • Discuss why organizations choose to adopt a security framework.

  • Understand the intent of the National Institute of Standards and Technology (NIST) Cybersecurity Framework.

  • Understand the intent of the ISO/IEC 27000-series of information security standards.

  • Outline the domains of an information security program.

Our focus in this chapter on information security objectives and framework will answer the following (and many other) questions ...

Get Developing Cybersecurity Programs and Policies, 3rd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial