|
|
| (69 intermediate revisions by the same user not shown) |
| Line 1: |
Line 1: |
| <div class="nonumtoc">__TOC__</div>
| |
| ==1. What is a cybersecurity plan and why do you need it?==
| |
| [[File:Incidents Reported by Federal Agencies in Fiscal Years 2006-2012 (15400517077).jpg|right|400px]]Developing a cybersecurity plan is not a simple process; it requires expertise, resources, and diligence. Even a simple plan may involve several months of development, more depending on the complexity involved. The time it takes to develop the plan may also be impacted by how much executive support is provided, the size of the development team (bigger is not always better), and how available required resources are.<ref name="NARUCCyber18">{{cite web |url=https://pubs.naruc.org/pub/8C1D5CDD-A2C8-DA11-6DF8-FCC89B5A3204 |format=PDF |title=Cybersecurity Strategy Development Guide |author=Cadmus Group, LLC |publisher=National Association of Regulatory Utility Commissioners |date=30 October 2018 |accessdate=29 November 2019}}</ref>
| |
|
| |
|
| Keep in mind that while this guide has been written with intent to broadly cover multiple industries, it does have a slight lean towards laboratories, particularly those implementing information systems.
| |
|
| |
| ==2. What are the major standard and regulations dictating cybersecurity action?==
| |
|
| |
|
| |
| ==3. The NIST Cybersecurity Framework and its control families==
| |
|
| |
|
| |
| ==4. Fitting a framework or specification into a cybersecurity plan==
| |
|
| |
|
| |
| ==5. Develop and create the cybersecurity plan==
| |
| https://www.limswiki.org/index.php/User:Shawndouglas/sandbox/sublevel28
| |
|
| |
| ==6. Closing remarks==
| |
|
| |
| ==Appendix 1. A simplified description of NIST Cybersecurity Framework controls, with ties to LIMSpec==
| |
| https://www.limswiki.org/index.php/User:Shawndouglas/sandbox/sublevel30
| |
|
| |
| ==References==
| |
| {{Reflist|colwidth=30em}}
| |
