Breaches spotlight role of cybersecurity standards
Thursday, October 27, 2022
Significance
Several standards-setting organisations, including the International Organization for Standardization (ISO) and the National Institute of Standards and Technology (NIST), publish extensive catalogues of information security controls and cybersecurity standards. These increasingly guide organisational decision-making on security budgets and critical controls. However, they are at best a starting point for cybersecurity.
Impacts
- International bodies will increasingly tailor their cybersecurity advice to serve resource-strapped small and medium-sized enterprises.
- Larger organisations will use standards to verify compliance with baseline expectations.
- Compliance with standards will not provide a meaningful assessment of whether data and networks are adequately protected.
Related articles
