Requirement

Network security

Oh no! No description found. But not to worry. Read from Tasks below how to advance this topic.

Fulfill this requirement by completing the tasks below ->
Network security
This requirement is part of the framework:  

Other requirements of the framework

No items found.
0
Network security
No items found.
Technical cyber security
Best practices
How to implement:
Network security
This policy on
Network security
provides a set concrete tasks you can complete to secure this topic. Follow these best practices to ensure compliance and strengthen your overall security posture.
Read below what concrete actions you can take to improve this ->
Technical cyber security
Network security
Frameworks that include requirements for this topic:
Lov om digital sikkerhet (Norge)
Säkerhetsskyddslagen (Sverige)
Cybersikkerhedsloven (Danmark)
Cybersäkerhetslagen (Sverige)
CRA (Cyber Resilience Act)
Nacionālās kiberdrošības likums (Latvia)

How to improve security around this topic

In Cyberday, requirements and controls are mapped to universal tasks. A set of tasks in the same topic create a Policy, such as this one.

Here's a list of tasks that help you improve your information and cyber security related to
Network security
Task name
Priority
Task completes
Complete these tasks to increase your compliance in this policy.
Critical
31 requirements
Develop network diagrams for each logically integrated system
Critical
High
Normal
Low
1
requirements
Technical cyber security
Network security

Develop network diagrams for each logically integrated system

This task helps you comply with the following requirements

No items found.
Network configuration security
Critical
High
Normal
Low
1
requirements
Technical cyber security
Network security

Network configuration security

This task helps you comply with the following requirements

No items found.
Network perimeter security and firewall governance
Critical
High
Normal
Low
1
requirements
Technical cyber security
Network security

Network perimeter security and firewall governance

This task helps you comply with the following requirements

No items found.
Secure network design and encryption measures
Critical
High
Normal
Low
1
requirements
Technical cyber security
Network security

Secure network design and encryption measures

This task helps you comply with the following requirements

No items found.
Network security and segregation
Critical
High
Normal
Low
1
requirements
Technical cyber security
Network security

Network security and segregation

This task helps you comply with the following requirements

No items found.
Fast and accurate data transmission
Critical
High
Normal
Low
1
requirements
Technical cyber security
Network security

Fast and accurate data transmission

This task helps you comply with the following requirements

No items found.
Identify and document critical telecommunication services and networks
Critical
High
Normal
Low
1
requirements
Technical cyber security
Network security

Identify and document critical telecommunication services and networks

This task helps you comply with the following requirements

13.2: Gennemførelse af prioriteringerNIS2 Denmark
Performing application layer filtering
Critical
High
Normal
Low
1
requirements
Technical cyber security
Network security

Performing application layer filtering

This task helps you comply with the following requirements

13.10: Perform Application Layer FilteringCIS 18
Deploying port-level access control
Critical
High
Normal
Low
1
requirements
Technical cyber security
Network security

Deploying port-level access control

This task helps you comply with the following requirements

13.9: Deploy Port-Level Access ControlCIS 18
Performing traffic filtering between network segments
Critical
High
Normal
Low
1
requirements
Technical cyber security
Network security

Performing traffic filtering between network segments

This task helps you comply with the following requirements

13.4: Perform Traffic Filtering Between Network SegmentsCIS 18
Deploying a network intrusion detection solution
Critical
High
Normal
Low
3
requirements
Technical cyber security
Network security

Deploying a network intrusion detection solution

This task helps you comply with the following requirements

13.8: Deploy a Network Intrusion Prevention SolutionCIS 18
13.3: Deploy a Network Intrusion Detection SolutionCIS 18
Using of secure communication protocols and network management
Critical
High
Normal
Low
2
requirements
Technical cyber security
Network security

Using of secure communication protocols and network management

This task helps you comply with the following requirements

12.6: Use of Secure Network Management and Communication ProtocolsCIS 18
3.1.8: Säkrade lösningar för kommunikationNIS2 Sweden
Centralizing network authentication, authorization, and auditing (AAA)
Critical
High
Normal
Low
1
requirements
Technical cyber security
Network security

Centralizing network authentication, authorization, and auditing (AAA)

This task helps you comply with the following requirements

12.5: Centralize Network Authentication, Authorization, and Auditing (AAA)CIS 18
Establishing and maintaining diagram(s) of architecture
Critical
High
Normal
Low
1
requirements
Technical cyber security
Network security

Establishing and maintaining diagram(s) of architecture

This task helps you comply with the following requirements

12.4: Establish and Maintain Architecture Diagram(s)CIS 18
Blocking unnecessary types of files
Critical
High
Normal
Low
2
requirements
Technical cyber security
Network security

Blocking unnecessary types of files

This task helps you comply with the following requirements

9.6: Block Unnecessary File TypesCIS 18
Maintaining and enforcing URL filters based on network
Critical
High
Normal
Low
1
requirements
Technical cyber security
Network security

Maintaining and enforcing URL filters based on network

This task helps you comply with the following requirements

9.3: Maintain and Enforce Network-Based URL FiltersCIS 18
Configuring trusted DNS servers on enterprise assets
Critical
High
Normal
Low
1
requirements
Technical cyber security
Network security

Configuring trusted DNS servers on enterprise assets

This task helps you comply with the following requirements

4.9: Configure Trusted DNS Servers on Enterprise AssetsCIS 18
Procedure for implementing and managing a firewall on servers
Critical
High
Normal
Low
1
requirements
Technical cyber security
Network security

Procedure for implementing and managing a firewall on servers

This task helps you comply with the following requirements

4.4: Implement and Manage a Firewall on ServersCIS 18
Process for secure configuration of network infrastructure
Critical
High
Normal
Low
1
requirements
Technical cyber security
Network security

Process for secure configuration of network infrastructure

This task helps you comply with the following requirements

4.2: Establish and Maintain a Secure Configuration Process for Network InfrastructureCIS 18
Process for using a passive asset discovery tool
Critical
High
Normal
Low
1
requirements
Technical cyber security
Network security

Process for using a passive asset discovery tool

This task helps you comply with the following requirements

1.5: Use a Passive Asset Discovery ToolCIS 18
Secure hosting of systems
Critical
High
Normal
Low
1
requirements
Technical cyber security
Network security

Secure hosting of systems

This task helps you comply with the following requirements

30.(1): Infromācijas sistēmas atbilstošā infrastruktūrā vai datu centrosNIS2 Latvia
Physically isolate the most critical subnets
Critical
High
Normal
Low
1
requirements
Technical cyber security
Network security

Physically isolate the most critical subnets

This task helps you comply with the following requirements

2.2.4: Physically isolate the most critical subnetsNSM ICT-SP
Ensure that maintenance of configurations, installations and operations are done securely
Critical
High
Normal
Low
1
requirements
Technical cyber security
Network security

Ensure that maintenance of configurations, installations and operations are done securely

This task helps you comply with the following requirements

2.3.6: Ensure that maintenance of all configurations, installations and operations are done securelyNSM ICT-SP
Block all direct traffic between clients
Critical
High
Normal
Low
1
requirements
Technical cyber security
Network security

Block all direct traffic between clients

This task helps you comply with the following requirements

2.5.3: Block all direct traffic between clientsNSM ICT-SP
Control the data flow of exposed services
Critical
High
Normal
Low
1
requirements
Technical cyber security
Network security

Control the data flow of exposed services

This task helps you comply with the following requirements

2.5.5: Control the data flow of especially exposed servicesNSM ICT-SP
Protect critical services with their own data flow
Critical
High
Normal
Low
1
requirements
Technical cyber security
Network security

Protect critical services with their own data flow

This task helps you comply with the following requirements

2.5.6: Protect particularly critical services with their own data flowNSM ICT-SP
Deciding which parts of the ICT system to monitor
Critical
High
Normal
Low
1
requirements
Technical cyber security
Network security

Deciding which parts of the ICT system to monitor

This task helps you comply with the following requirements

3.2.3: Decide which parts of the ICT system to monitorNSM ICT-SP
Secure deployment of IoT devices
Critical
High
Normal
Low
1
requirements
Technical cyber security
Network security

Secure deployment of IoT devices

This task helps you comply with the following requirements

2.3.10: Reduce the risk posed by IoT devicesNSM ICT-SP
Protection of critical systems from Denial-of-Service (DoS) attacks
Critical
High
Normal
Low
3
requirements
Technical cyber security
Network security

Protection of critical systems from Denial-of-Service (DoS) attacks

This task helps you comply with the following requirements

PR.DS-4: Adequate capacity to ensure availability is maintained.CyberFundamentals
31: Centralizēta aizsardzība pret pakalpojumatteices kiberuzbrukumiemNIS2 Latvia
Article 13.1(.2.h): AvailabilityCRA
Authenticated proxy servers for critical systems
Critical
High
Normal
Low
1
requirements
Technical cyber security
Network security

Authenticated proxy servers for critical systems

This task helps you comply with the following requirements

PR.AC-5: Network integrity (network segregation, network segmentation… ) is protected.CyberFundamentals
Network areas and structurally secure network design
Critical
High
Normal
Low
23
requirements
Technical cyber security
Network security

Network areas and structurally secure network design

This task helps you comply with the following requirements

13.1.3: Segregation in networksISO 27001
PR.AC-5: Network integrityNIST
8.22: Segregation of networksISO 27001
ARCHITECTURE-2: Implement Network Protections as an Element of the Cybersecurity ArchitectureC2M2
CC6.6: Logical access security measures against threats from sources outside system boundriesSOC 2
CC6.1c: Technical security for protected information assetsSOC 2
Article 9a: ProtectionDORA
3.1.1: Management of secure areasTISAX
5.2.3: Malware protectionTISAX
5.2.7: Network managementTISAX
Network usage log and process for detecting inappropriate network traffic
Critical
High
Normal
Low
28
requirements
Technical cyber security
Network security

Network usage log and process for detecting inappropriate network traffic

This task helps you comply with the following requirements

I11: Poikkeamien havainnointikyky ja toipuminenKatakri
12.4.1: Event loggingISO 27001
13.1.1: Network controlsISO 27001
PR.AC-3: Remote access managementNIST
PR.AC-5: Network integrityNIST
PR.PT-4: Communications and control networksNIST
DE.CM-1: The network monitoringNIST
TEK-13: Poikkeamien havainnointikyky ja toipuminenJulkri
TEK-13.1: Poikkeamien havainnointikyky ja toipuminen - poikkeamien havainnointi lokitiedoistaJulkri
8.20: Networks securityISO 27001
Protection of wireless connections
Critical
High
Normal
Low
13
requirements
Technical cyber security
Network security

Protection of wireless connections

This task helps you comply with the following requirements

I05: Langattomat verkotKatakri
13.1.2: Security of network servicesISO 27001
PR.PT-4: Communications and control networksNIST
TEK-05: Langaton tiedonsiirtoJulkri
8.21: Security of network servicesISO 27001
5.3.2: Network device requirementsTISAX
PR.AC-3: Remote access is managed.CyberFundamentals
PR.PT-4: Communications and control networks are protected. Web and e-mail filters shall be installed and used.CyberFundamentals
2.4.1: Establish access control on as many network ports as possibleNSM ICT-SP
2.4.2: Encrypt all wireless and wired connectionsNSM ICT-SP
Determining the responsibility of network devices
Critical
High
Normal
Low
7
requirements
Technical cyber security
Network security

Determining the responsibility of network devices

This task helps you comply with the following requirements

13.1.1: Network controlsISO 27001
PR.AC-5: Network integrityNIST
DE.CM-1: The network monitoringNIST
8.20: Networks securityISO 27001
DE.CM-1: The network is monitored to detect potential cybersecurity events.CyberFundamentals
Päätelaitteiden tekninen tunnistaminen ennen verkkoon pääsyä (ST III-II)
Critical
High
Normal
Low
1
requirements
Technical cyber security
Network security

Päätelaitteiden tekninen tunnistaminen ennen verkkoon pääsyä (ST III-II)

This task helps you comply with the following requirements

I07: Tietojenkäsittely-ympäristön toimijoiden tunnistaminenKatakri
Ensuring system hardening
Critical
High
Normal
Low
12
requirements
Technical cyber security
Network security

Ensuring system hardening

This task helps you comply with the following requirements

I08: Järjestelmäkovennus Katakri
TEK-10: JärjestelmäkovennusJulkri
TEK-10.2: Järjestelmäkovennus - kovennusten varmistaminen koko elinkaaren ajanJulkri
PR.PT-3: The principle of least functionality is incorporated by configuring systems to provide only essential capabilities.CyberFundamentals
2.3.3: Deactivate unnecessary functionalityNSM ICT-SP
2.3.8: Do not deactivate exploit protection functionsNSM ICT-SP
2.2.1: Establish and maintain a comprehensive security architectureNSM ICT-SP
30.(1): Infromācijas sistēmas atbilstošā infrastruktūrā vai datu centrosNIS2 Latvia
16.7: Use Standard Hardening Configuration Templates for Application InfrastructureCIS 18
Article 13.1(.2.j): Limit attack surfacesCRA
Verkon rakenteellinen turvallisuus (TL IV)
Critical
High
Normal
Low
2
requirements
Technical cyber security
Network security

Verkon rakenteellinen turvallisuus (TL IV)

This task helps you comply with the following requirements

I01: Verkon rakenteellinen turvallisuusKatakri
I-01: TIETOJENKÄSITTELY-YMPÄRISTÖJEN SUOJATTU YHTEENLIITTÄMINEN – VERKON RAKENTEELLINEN TURVALLISUUSKatakri 2020
Verkon rakenteellinen turvallisuus (TL III-II)
Critical
High
Normal
Low
2
requirements
Technical cyber security
Network security

Verkon rakenteellinen turvallisuus (TL III-II)

This task helps you comply with the following requirements

I01: Verkon rakenteellinen turvallisuusKatakri
I-01: TIETOJENKÄSITTELY-YMPÄRISTÖJEN SUOJATTU YHTEENLIITTÄMINEN – VERKON RAKENTEELLINEN TURVALLISUUSKatakri 2020
Network segmentation and filtering practices within the classification level
Critical
High
Normal
Low
11
requirements
Technical cyber security
Network security

Network segmentation and filtering practices within the classification level

This task helps you comply with the following requirements

I02: Verkon vyöhykkeistäminen ja suodatussäännöstötKatakri
TEK-02: Tietoliikenne-verkon vyöhykkeistäminenJulkri
ARCHITECTURE-2: Implement Network Protections as an Element of the Cybersecurity ArchitectureC2M2
I-02: VÄHIMPIEN OIKEUKSIEN PERIAATE - TIETOLIIKENNE-VERKON VYÖHYKKEISTÄMINEN JA SUODATUSSÄÄNNÖSTÖT KO. TURVALLISUUSLUOKAN SISÄLLÄKatakri 2020
PR.AC-5: Network integrity (network segregation, network segmentation… ) is protected.CyberFundamentals
2.5.7: Maintain control of data flow between the organisation and its partners / service providersNSM ICT-SP
2.5.1: Control data flow between network zonesNSM ICT-SP
2.2.3: Segment the organisation’s network in accordance with its risk profileNSM ICT-SP
2.5.5: Control the data flow of especially exposed servicesNSM ICT-SP
2.5.6: Protect particularly critical services with their own data flowNSM ICT-SP
Management of filtering and monitoring systems
Critical
High
Normal
Low
19
requirements
Technical cyber security
Network security

Management of filtering and monitoring systems

This task helps you comply with the following requirements

I03: Suodatus- ja valvontajärjestelmien hallinnointiKatakri
TEK-03: Suodatus- ja valvontajärjestelmien hallinnointiJulkri
TEK-03.2: Suodatus- ja valvontajärjestelmien hallinnointi - dokumentointiJulkri
TEK-03.3: Suodatus- ja valvontajärjestelmien hallinnointi - tarkastuksetJulkri
TEK-03.1: Suodatus- ja valvontajärjestelmien hallinnointi - vastuutus ja organisointiJulkri
8.20: Networks securityISO 27001
I-03: TIETOJENKÄSITTELY-YMPÄRISTÖN TURVALLISUUS KOKO ELINKAAREN AJAN – SUODATUS- JA VALVONTAJÄRJESTELMIEN HALLINNOINTIKatakri 2020
5.2.7: Network managementTISAX
DE.CM-3: Personnel activity is monitored to detect potential cybersecurity events.CyberFundamentals
PR.PT-4: Communications and control networks are protected. Web and e-mail filters shall be installed and used.CyberFundamentals
Hallintayhteyksien turvallisuus
Critical
High
Normal
Low
3
requirements
Technical cyber security
Network security

Hallintayhteyksien turvallisuus

This task helps you comply with the following requirements

I04: HallintayhteydetKatakri
TEK-04: HallintayhteydetJulkri
I-04: TIETOJENKÄSITTELY-YMPÄRISTÖJEN SUOJATTU YHTEENLIITTÄMINEN – HALLINTAYHTEYDETKatakri 2020
Palomuurisuojaus
Critical
High
Normal
Low
1
requirements
Technical cyber security
Network security

Palomuurisuojaus

This task helps you comply with the following requirements

6.6.3: Tekniset vaatimuksetOmavalvontasuunnitelma
Firewall administration policies
Critical
High
Normal
Low
3
requirements
Technical cyber security
Network security

Firewall administration policies

This task helps you comply with the following requirements

FWL-01: Firewall administration policiesCyber Essentials
DE.CM-1: The network is monitored to detect potential cybersecurity events.CyberFundamentals
Documenting and managing the firewall administration policies
Critical
High
Normal
Low
9
requirements
Technical cyber security
Network security

Documenting and managing the firewall administration policies

This task helps you comply with the following requirements

FWL-02: Documenting and managing the firewall administration policiesCyber Essentials
PR.AC-5: Network integrity (network segregation, network segmentation… ) is protected.CyberFundamentals
2.4.1: Establish access control on as many network ports as possibleNSM ICT-SP
2.5.7: Maintain control of data flow between the organisation and its partners / service providersNSM ICT-SP
2.4.4: Activate firewall on all clients and serversNSM ICT-SP
2.5.1: Control data flow between network zonesNSM ICT-SP
31: Centralizēta aizsardzība pret pakalpojumatteices kiberuzbrukumiemNIS2 Latvia
4.4: Implement and Manage a Firewall on ServersCIS 18
4.5: Implement and Manage a Firewall on End-User DevicesCIS 18
Segregation of network access related to offered cloud services
Critical
High
Normal
Low
4
requirements
Technical cyber security
Network security

Segregation of network access related to offered cloud services

This task helps you comply with the following requirements

13.1.3: Segregation in networksISO 27017
PR.AC-5: Network integrityNIST
2.2.3: Segment the organisation’s network in accordance with its risk profileNSM ICT-SP
§ 10.c: Nettverkssegmentering og privilegierNIS2 NO
Remote connection management
Critical
High
Normal
Low
11
requirements
Technical cyber security
Network security

Remote connection management

This task helps you comply with the following requirements

PR.AC-3: Remote access managementNIST
I-18: TURVALLISUUSLUOKITELTUJEN TIETOJEN VÄLITYS JA KÄSITTELY FYYSISESTI SUOJATTUJEN ALUEIDEN VÄLILLÄ - ETÄKÄYTTÖ JA ETÄHALLINTAKatakri 2020
5.1.2: Information transferTISAX
PR.MA-2: Remote maintenance of organizational assets is approved, logged, and performed in a manner that prevents unauthorized access.CyberFundamentals
PR.AC-3: Remote access is managed.CyberFundamentals
PR.PT-4: Communications and control networks are protected. Web and e-mail filters shall be installed and used.CyberFundamentals
2.5.2: Restrict access to internal services from external locationsNSM ICT-SP
6.4: Require MFA for Remote Network AccessCIS 18
13.5: Manage Access Control for Remote AssetsCIS 18
Article 33: Access ControlDORA simplified RMF
Baseline for normal network traffic
Critical
High
Normal
Low
2
requirements
Technical cyber security
Network security

Baseline for normal network traffic

This task helps you comply with the following requirements

DE.AE-1: Baseline of network operationsNIST
DE.AE-1: A baseline of network operations and expected data flows for users and systems is established and managed.CyberFundamentals
Remote maintenance of assets
Critical
High
Normal
Low
2
requirements
Technical cyber security
Network security

Remote maintenance of assets

This task helps you comply with the following requirements

PR.MA-2: Asset remote management and repairNIST
PR.MA-2: Remote maintenance of organizational assets is approved, logged, and performed in a manner that prevents unauthorized access.CyberFundamentals
Structural security of the network
Critical
High
Normal
Low
7
requirements
Technical cyber security
Network security

Structural security of the network

This task helps you comply with the following requirements

TEK-01: Verkon rakenteellinen turvallisuusJulkri
ARCHITECTURE-2: Implement Network Protections as an Element of the Cybersecurity ArchitectureC2M2
PR.AC-5: Network integrity (network segregation, network segmentation… ) is protected.CyberFundamentals
2.2.3: Segment the organisation’s network in accordance with its risk profileNSM ICT-SP
2.3.10: Reduce the risk posed by IoT devicesNSM ICT-SP
12.4: Establish and Maintain Architecture Diagram(s)CIS 18
§ 2.2.2 (Skydd): InformationssäkerhetsskyddsåtgärderSSL
Tietojenkäsittely-ympäristöjen erottelu palomuurilla
Critical
High
Normal
Low
1
requirements
Technical cyber security
Network security

Tietojenkäsittely-ympäristöjen erottelu palomuurilla

This task helps you comply with the following requirements

TEK-01.2: Verkon rakenteellinen turvallisuus - palomuuriJulkri
Tietojenkäsittely-ympäristöjen erottelu
Critical
High
Normal
Low
1
requirements
Technical cyber security
Network security

Tietojenkäsittely-ympäristöjen erottelu

This task helps you comply with the following requirements

TEK-01.3: Verkon rakenteellinen turvallisuus - käsittely-ympäristöjen erottaminenJulkri
Vähimpien oikeuksien periaate verkkojen vyöhykkeistämisessä
Critical
High
Normal
Low
2
requirements
Technical cyber security
Network security

Vähimpien oikeuksien periaate verkkojen vyöhykkeistämisessä

This task helps you comply with the following requirements

TEK-02.1: Tietoliikenne-verkon vyöhykkeistäminen - vähimpien oikeuksien periaateJulkri
I-02: VÄHIMPIEN OIKEUKSIEN PERIAATE - TIETOLIIKENNE-VERKON VYÖHYKKEISTÄMINEN JA SUODATUSSÄÄNNÖSTÖT KO. TURVALLISUUSLUOKAN SISÄLLÄKatakri 2020
Kasautumisvaikutuksen huomiointi tietojenkäsittely-ympäristön suojauksessa
Critical
High
Normal
Low
1
requirements
Technical cyber security
Network security

Kasautumisvaikutuksen huomiointi tietojenkäsittely-ympäristön suojauksessa

This task helps you comply with the following requirements

TEK-06: KasautumisvaikutusJulkri
Tietojenkäsittely-ympäristöjen yhdistäminen yhdyskäytäväratkaisulla (TL III)
Critical
High
Normal
Low
1
requirements
Technical cyber security
Network security

Tietojenkäsittely-ympäristöjen yhdistäminen yhdyskäytäväratkaisulla (TL III)

This task helps you comply with the following requirements

TEK-01.5: Verkon rakenteellinen turvallisuus - yhdyskäytäväratkaisun käyttö - TL IIIJulkri
Verkon rakenteellinen turvallisuus TL II -luokan ympäristöissä (TL II)
Critical
High
Normal
Low
2
requirements
Technical cyber security
Network security

Verkon rakenteellinen turvallisuus TL II -luokan ympäristöissä (TL II)

This task helps you comply with the following requirements

TEK-01.6: Verkon rakenteellinen turvallisuus - käsittely - TL IIJulkri
I-01: TIETOJENKÄSITTELY-YMPÄRISTÖJEN SUOJATTU YHTEENLIITTÄMINEN – VERKON RAKENTEELLINEN TURVALLISUUSKatakri 2020
Verkon rakenteellinen turvallisuus TL I -luokan ympäristöissä (TL I)
Critical
High
Normal
Low
2
requirements
Technical cyber security
Network security

Verkon rakenteellinen turvallisuus TL I -luokan ympäristöissä (TL I)

This task helps you comply with the following requirements

TEK-01.7: Verkon rakenteellinen turvallisuus - käsittely - TL I Julkri
I-01: TIETOJENKÄSITTELY-YMPÄRISTÖJEN SUOJATTU YHTEENLIITTÄMINEN – VERKON RAKENTEELLINEN TURVALLISUUSKatakri 2020
Järjestelmäkovennus turvallisuusluokitelluissa ympäristöissä (TL III)
Critical
High
Normal
Low
2
requirements
Technical cyber security
Network security

Järjestelmäkovennus turvallisuusluokitelluissa ympäristöissä (TL III)

This task helps you comply with the following requirements

TEK-10.3: Järjestelmäkovennus - turvallisuusluokitellut ympäristöt - TL IIIJulkri
I-08: VÄHIMMÄISTOIMINTOJEN JA VÄHIMPIEN OIKEUKSIEN PERIAATE – JÄRJESTELMÄKOVENNUSKatakri 2020
Laitetunnistus etäkäytön yhteydessä (TL III)
Critical
High
Normal
Low
2
requirements
Technical cyber security
Network security

Laitetunnistus etäkäytön yhteydessä (TL III)

This task helps you comply with the following requirements

TEK-18.6: Etäkäyttö - laitetunnistus - TL IIIJulkri
I-18: TURVALLISUUSLUOKITELTUJEN TIETOJEN VÄLITYS JA KÄSITTELY FYYSISESTI SUOJATTUJEN ALUEIDEN VÄLILLÄ - ETÄKÄYTTÖ JA ETÄHALLINTAKatakri 2020
Etäkäyttö turvallisuuden lisävaatimkset (TL III)
Critical
High
Normal
Low
2
requirements
Technical cyber security
Network security

Etäkäyttö turvallisuuden lisävaatimkset (TL III)

This task helps you comply with the following requirements

TEK-18.7: Etäkäyttö - TL IIIJulkri
I-18: TURVALLISUUSLUOKITELTUJEN TIETOJEN VÄLITYS JA KÄSITTELY FYYSISESTI SUOJATTUJEN ALUEIDEN VÄLILLÄ - ETÄKÄYTTÖ JA ETÄHALLINTAKatakri 2020
Defining standard templates for secure configurations
Critical
High
Normal
Low
14
requirements
Technical cyber security
Network security

Defining standard templates for secure configurations

This task helps you comply with the following requirements

8.9: Configuration managementISO 27001
ASSET-3: Manage IT and OT Asset ConfigurationC2M2
CC7.1: Procedures for monitoring changes to configurationsSOC 2
1.2.4: Definition of responsibilities with service providersTISAX
9.3 §: Tietojärjestelmien hankinta ja kehittäminenKyberturvallisuuslaki
5.3.2: Network device requirementsTISAX
2.3.4: Establish and maintain standard security configurationsNSM ICT-SP
2.9.2: Include backups of software to ensure recoveryNSM ICT-SP
4.1: Establish and Maintain a Secure Configuration ProcessCIS 18
4.2: Establish and Maintain a Secure Configuration Process for Network InfrastructureCIS 18
Configuration management and change log
Critical
High
Normal
Low
12
requirements
Technical cyber security
Network security

Configuration management and change log

This task helps you comply with the following requirements

8.9: Configuration managementISO 27001
CC7.1: Procedures for monitoring changes to configurationsSOC 2
1.2.4: Definition of responsibilities with service providersTISAX
PR.IP-3: Configuration change control processes are in place.CyberFundamentals
DE.CM-7: Monitoring for unauthorized personnel, connections, devices, and software is performed.CyberFundamentals
2.3.5: Verify that activated security configurations comply with the organisation’s approved security configurationsNSM ICT-SP
2.3.4: Establish and maintain standard security configurationsNSM ICT-SP
PR.PS-01: Configuration managementNIST 2.0
4.1: Establish and Maintain a Secure Configuration ProcessCIS 18
4.2: Establish and Maintain a Secure Configuration Process for Network InfrastructureCIS 18
Isolate vulnerable and low-trust equipment
Critical
High
Normal
Low
1
requirements
Technical cyber security
Network security

Isolate vulnerable and low-trust equipment

This task helps you comply with the following requirements

2.5.4: Isolate vulnerable and low-trust equipmentNSM ICT-SP
Redundancy solutions for networks
Critical
High
Normal
Low
2
requirements
Technical cyber security
Network security

Redundancy solutions for networks

This task helps you comply with the following requirements

5.3.2: Network device requirementsTISAX
PR.IR-04: Resource capacityNIST 2.0
Detailed procedures for the management, control and segmentation of networks
Critical
High
Normal
Low
7
requirements
Technical cyber security
Network security

Detailed procedures for the management, control and segmentation of networks

This task helps you comply with the following requirements

5.2.7: Network managementTISAX
14.5.10.b): Prieigos kontrolėNIS2 Lithuania
PR.IR-01: Unauthorized access to networks and environmentsNIST 2.0
Članak 30.1.e: Sigurnost u nabavi, razvoju i održavanju mrežnih i informacijskih sustavaNIS2 Croatia
3.1.8: Säkrade lösningar för kommunikationNIS2 Sweden
13.2: Gennemførelse af prioriteringerNIS2 Denmark
§ 10.c: Nettverkssegmentering og privilegierNIS2 NO
Järjestelmien koventaminen käytössä olevien palveluiden minimoinnilla
Critical
High
Normal
Low
2
requirements
Technical cyber security
Network security

Järjestelmien koventaminen käytössä olevien palveluiden minimoinnilla

This task helps you comply with the following requirements

TEK-10.1: Järjestelmäkovennus - käytössä olevien palveluiden minimointiJulkri
I-08: VÄHIMMÄISTOIMINTOJEN JA VÄHIMPIEN OIKEUKSIEN PERIAATE – JÄRJESTELMÄKOVENNUSKatakri 2020
Monitoring configurations
Critical
High
Normal
Low
10
requirements
Technical cyber security
Network security

Monitoring configurations

This task helps you comply with the following requirements

8.9: Configuration managementISO 27001
1.2.4: Definition of responsibilities with service providersTISAX
DE.CM-7: Monitoring for unauthorized personnel, connections, devices, and software is performed.CyberFundamentals
2.5.1: Control data flow between network zonesNSM ICT-SP
2.3.5: Verify that activated security configurations comply with the organisation’s approved security configurationsNSM ICT-SP
2.3.4: Establish and maintain standard security configurationsNSM ICT-SP
PR.PS-01: Configuration managementNIST 2.0
DE.CM-09: Monitoring IT resourcesNIST 2.0
4.1: Establish and Maintain a Secure Configuration ProcessCIS 18
4.2: Establish and Maintain a Secure Configuration Process for Network InfrastructureCIS 18
Complete these tasks in Cyberday ISMS ->

How to comply with this requirement

In Cyberday, requirements and controls are mapped to universal tasks. Each requirement is fulfilled with one or multiple tasks.

Here's a list of tasks that help you comply with the requirement
Network security
of the framework  
Task name
Priority
Task completes
Complete these tasks to increase your compliance in this policy.
Critical
31 requirements
No other tasks found.
Complete these tasks in Cyberday ISMS ->

The ISMS component hierachy

When building an ISMS, it's important to understand the different levels of information hierarchy. Here's how Cyberday is structured.

Framework

Sets the overall compliance standard or regulation your organization needs to follow.

Requirements

Break down the framework into specific obligations that must be met.

Tasks

Concrete actions and activities your team carries out to satisfy each requirement.

Policies

Documented rules and practices that are created and maintained as a result of completing tasks.

Never duplicate effort. Do it once - improve compliance across frameworks.

Reach multi-framework compliance in the simplest possible way
Security frameworks tend to share the same core requirements - like risk management, backup, malware, personnel awareness or access management.
Cyberday maps all frameworks’ requirements into shared tasks - one single plan that improves all frameworks’ compliance.
Do it once - we automatically apply it to all current and future frameworks.
Start free trial
Effortless compliance improvement
Widest framework library in EU
Extensive support

Start your compliance journey

Use in MS Teams or use your browser with Slack integration.
Risk free trial. No credit card required. Stop at any time.

Start free 14-day trial
Book a meeting
How it works?
SummarySecurity tasks and assuranceDocumentation workflowsEmployee guidelinesReporting templates
Use cases
By frameworkAll frameworksISO 27001NIS2 directiveNIST CSFCSA CCMISO 27701GDPRISO 27017ISO 27018
By methodCyber risk managementEmployee awarenessCompliance reportingControl managementAsset managementPrivacy managementVendor assessments
Resources
AcademyWebinarsBlogHelp articlesVideo coursesContent libraryGuidesNewsletterLeave a reviewPartner programTeamTerms of usePrivacy policy
Contact us
+358 10 231 6010
team@cyberday.ai
App works in:
Known in Finland as Digiturvamalli
© Cyberday Inc. Kalevantie 2 33100 Tampere, Finland
Cyberday.ai - Improve and certify your cyber security