A strategy for cyber security architecture

The organization must have a strategy for developing and maintaining a cyber security architecture.

The strategy must match the organization's cyber security program and the organization's architecture.

The architecture must include:

  • Security measures for computer networks
  • Protection of information assets
  • Application security
  • Implementation of data protection and privacy

Connected other frameworks and requirements:
9.1 (MIL1): Establish and Maintain Cybersecurity Architecture Strategy and Program
C2M2
9.3 (MIL1): Implement IT and OT Asset Security as an Element of the Cybersecurity Architecture
C2M2
9.4 (MIL1): Implement Software Security as an Element of the Cybersecurity Architecture
C2M2
9.2 (MIL1): Implement Network Protections as an Element of the Cybersecurity Architecture
C2M2
9.5 (MIL1): Implement Data Security as an Element of the Cybersecurity Architecture
C2M2

Continuous monitoring of physical access to critical facilities

Access to buildings containing critical systems must be constantly monitored to detect unauthorized access or suspicious activity. The following issues should be taken into account in monitoring practices:

  • touch, sound or motion detectors that trigger an intrusion alarm
  • covering exterior doors and windows using sensors
  • supervision of unstaffed and otherwise important (e.g. server or communication technology) premises
  • regular testing of alarm systems

Information related to surveillance systems should be kept confidential, as disclosure of information can facilitate undetected breaches. The monitoring systems themselves must also be properly protected, so that the recordings or system status cannot be affected without permission.

Connected other frameworks and requirements:
7.4: Physical security monitoring
ISO 27001
9.3 (MIL1): Implement IT and OT Asset Security as an Element of the Cybersecurity Architecture
C2M2

Software firewall on endpoint devices

All endpoint devices in the organization should be protected by a properly configured software firewall that monitors traffic, accepts compliant traffic, and monitors users.

A firewall protects against malware and attacks that come from inside or outside your organization's network.

Connected other frameworks and requirements:
9.3 (MIL1): Implement IT and OT Asset Security as an Element of the Cybersecurity Architecture
C2M2

Listing and monitoring allowed applications on endpoints

The organization must have a list of approved applications, and application sources, that are allowed to be used on the organization's endpoint devices.

Where possible, the organization should automate the management of approved software, for example with policies from a mobile device management system.

Connected other frameworks and requirements:
9.3 (MIL1): Implement IT and OT Asset Security as an Element of the Cybersecurity Architecture
C2M2

Endpoint security management system

An endpoint security management system can be used to require devices to meet the desired security criteria before they are allowed to connect to network resources. Devices can be laptops, smartphones, tablets or industry-specific hardware.

Criteria for the use of network resources may include, for example, an approved operating system, VPN and antivirus systems, and the timeliness of their updates.

Connected other frameworks and requirements:
13.1.1: Network controls
ISO 27001
6.2.1: Mobile device policy
ISO 27001
PR.PT-4: Communications and control networks
NIST CSF
8.1: User endpoint devices
ISO 27001
9.3 (MIL1): Implement IT and OT Asset Security as an Element of the Cybersecurity Architecture
C2M2