Cybersecurity Frameworks and Models: Review of the Existing Global Best Practices

By : Sandeep K. Shukla, Madhusree Kole, Ashish K. Upadhyay, Ayush Sinha, Preet Sharma, Manas Sarkar, Sandeep Kumar Yadav, Sarang Raj Chourasia

Page No: 29-42

Abstract
The pace of digitalization has accelerated, and internet connectivity has expanded beyond traditional computers and mobile phones to encompass other cyber-physical or smart systems. This introduces a new paradigm of threats, including remote exploitation of operational technology networks and systems, such as air defence and coastal surveillance networks, power grids, pipelines, air traffic control systems, port operation systems, railway signaling systems, satellites, industrial plants, and more. Based on the lessons learned, there is an urgent need to further strengthen the cyber resilience of critical national functions, business and industrial processes, and the underlying ICT infrastructure and systems. In the present review article, we review some globally accepted cybersecurity standards and frameworks like NIST CSF, ISO 27001, CRR Framework, CIS Control Framework, and SCF; and three popular cybersecurity maturity models, viz., CMMC, C2M2, and SCF-SP-CMM.

Authors :
Sandeep K. Shukla
Department of Computer Science and Engineering, Indian Institute of Technology Kanpur, Uttar Pradesh, India.

Madhusree Kole, Ashish K. Upadhyay, Ayush Sinha, Preet Sharma, Manas Sarkar, Sandeep Kumar Yadav and Sarang Raj Chourasia
C3iHub, Indian Institute of Technology Kanpur, Uttar Pradesh, India.
 

DOI: https://doi.org/10.32381/PROD.2024.65.01.4