Information Security Frameworks

IT Security Controls

Abstract

This chapter covers industry-accepted information security frameworks, including NIST frameworks, COBIT, and CIS Controls, which help organizations understand current cyber risks, identify missing security controls that protect from cyber threats, and prioritize mitigative activities. This chapter also discusses select national-level security requirements and frameworks in Qatar, Singapore, Saudi Arabia, Turkey, and India, which organizations in those countries need to comply with.

Copyright information

© 2022 The Author(s), under exclusive license to APress Media, LLC, part of Springer Nature

About this chapter

Cite this chapter

Viegas, V., Kuyucu, O. (2022). Information Security Frameworks. In: IT Security Controls. Apress, Berkeley, CA. https://doi.org/10.1007/978-1-4842-7799-7_3
