Oh no! No description found. But not to worry. Read from Tasks below how to advance this topic.
Objective: IT systems in a network are exposed to different risks or have different protection needs. In order to detect or prevent unintended data exchange or access between these IT systems, they are subdivided into suitable segments and access is controlled and monitored by means of security technologies.
Requirements (must): Requirements for the management and control of networks are determined and fulfilled.
Requirements regarding network segmentation are determined and fulfilled.
Requirements (should): Procedures for the management and control of networks are defined.
For a risk-based network segmentation, the following aspects are considered:
- Limitations for connecting IT systems to the network,
- Use of security technologies,
- Performance, trust, availability, security, and safety considerations
- Limitation of impact in case of compromised IT systems
- Detection of potential attacks and lateral movement of attackers
- Separation of networks with different operational purpose (e.g. test and development networks, office network, manufacturing networks)
- The increased risk due to network services accessible via the internet,
- Technology-specific separation options when using external IT services,
- Adequate separation between own networks and customer networks while considering customer requirements
- Detection and prevention of data loss/leakage
Oh no! No description found. But not to worry. Read from Tasks below how to advance this topic.
Objective: IT systems in a network are exposed to different risks or have different protection needs. In order to detect or prevent unintended data exchange or access between these IT systems, they are subdivided into suitable segments and access is controlled and monitored by means of security technologies.
Requirements (must): Requirements for the management and control of networks are determined and fulfilled.
Requirements regarding network segmentation are determined and fulfilled.
Requirements (should): Procedures for the management and control of networks are defined.
For a risk-based network segmentation, the following aspects are considered:
- Limitations for connecting IT systems to the network,
- Use of security technologies,
- Performance, trust, availability, security, and safety considerations
- Limitation of impact in case of compromised IT systems
- Detection of potential attacks and lateral movement of attackers
- Separation of networks with different operational purpose (e.g. test and development networks, office network, manufacturing networks)
- The increased risk due to network services accessible via the internet,
- Technology-specific separation options when using external IT services,
- Adequate separation between own networks and customer networks while considering customer requirements
- Detection and prevention of data loss/leakage
In Cyberday, requirements and controls are mapped to universal tasks. A set of tasks in the same topic create a Policy, such as this one.
In Cyberday, requirements and controls are mapped to universal tasks. Each requirement is fulfilled with one or multiple tasks.
Sets the overall compliance standard or regulation your organization needs to follow.
.svg)
.svg)
.svg)
Break down the framework into specific obligations that must be met.
.svg)
Concrete actions and activities your team carries out to satisfy each requirement.
Documented rules and practices that are created and maintained as a result of completing tasks.
