Oh no! No description found. But not to worry. Read from Tasks below how to advance this topic.
Segment the organisation’s network in accordance with its risk profile. Segment (divide) the network into zones with different needs for communication, exposure, function and roles. For example, one could consider creating separate zones for system administration, application servers, organisation-operated clients, industrial production (e.g. SCADA and industrial control systems), internet access, wireless networks, guest clients and externally available services (e.g. web servers). In data centres servers can be segmented into security groups such as a data plane (data going through the network), control plane (data going to network devices) and management plane (management data going to network devices). One could also consider creating a network architecture with even more granular zone segmentation, e.g. by department or by group of devices. Please note that one can create zones in many different ways: VLAN zones, virtualised networks, micro segmentation etc. Zones should be managed centrally, not locally on each switch. Use the chosen segmentation model to manage data flow, see principle 2.5 – Control data flow.
Oh no! No description found. But not to worry. Read from Tasks below how to advance this topic.
Segment the organisation’s network in accordance with its risk profile. Segment (divide) the network into zones with different needs for communication, exposure, function and roles. For example, one could consider creating separate zones for system administration, application servers, organisation-operated clients, industrial production (e.g. SCADA and industrial control systems), internet access, wireless networks, guest clients and externally available services (e.g. web servers). In data centres servers can be segmented into security groups such as a data plane (data going through the network), control plane (data going to network devices) and management plane (management data going to network devices). One could also consider creating a network architecture with even more granular zone segmentation, e.g. by department or by group of devices. Please note that one can create zones in many different ways: VLAN zones, virtualised networks, micro segmentation etc. Zones should be managed centrally, not locally on each switch. Use the chosen segmentation model to manage data flow, see principle 2.5 – Control data flow.
In Cyberday, requirements and controls are mapped to universal tasks. A set of tasks in the same topic create a Policy, such as this one.
In Cyberday, requirements and controls are mapped to universal tasks. Each requirement is fulfilled with one or multiple tasks.
When building an ISMS, it's important to understand the different levels of information hierarchy. Here's how Cyberday is structured.
Sets the overall compliance standard or regulation your organization needs to follow.
.svg)
.svg)
.svg)
Break down the framework into specific obligations that must be met.
.svg)
Concrete actions and activities your team carries out to satisfy each requirement.
Documented rules and practices that are created and maintained as a result of completing tasks.
