Nacionālās kiberdrošības likums (Latvia)

Requirement

27.(e): Dublējumi un šifrēšana

Oh no! No description found. But not to worry. Read from Tasks below how to advance this topic.

Subjekts veic piemērotus un samērīgus tehniskos un organizatoriskos pasākumus, lai pārvaldītu kiberriskus subjekta izmantoto elektronisko sakaru tīklu un informācijas sistēmu drošībai un novērstu vai līdz minimumam samazinātu kiberincidentu ietekmi uz subjekta pakalpojumu saņēmējiem un uz citiem pakalpojumiem.

See how Cyberday guides you to fulfill this requirement:

Start free trial

This requirement is part of the framework:

Nacionālās kiberdrošības likums (Latvia)

Other requirements of the framework

27.(e): Dublējumi un šifrēšana

Best practices

How to implement:

27.(e): Dublējumi un šifrēšana

This policy on

27.(e): Dublējumi un šifrēšana

provides a set concrete tasks you can complete to secure this topic. Follow these best practices to ensure compliance and strengthen your overall security posture.

Subjekts veic piemērotus un samērīgus tehniskos un organizatoriskos pasākumus, lai pārvaldītu kiberriskus subjekta izmantoto elektronisko sakaru tīklu un informācijas sistēmu drošībai un novērstu vai līdz minimumam samazinātu kiberincidentu ietekmi uz subjekta pakalpojumu saņēmējiem un uz citiem pakalpojumiem.

Read below what concrete actions you can take to improve this ->

Frameworks that include requirements for this topic:

No items found.

How to improve security around this topic

In Cyberday, requirements and controls are mapped to universal tasks. A set of tasks in the same topic create a Policy, such as this one.

Here's a list of tasks that help you improve your information and cyber security related to

27.(e): Dublējumi un šifrēšana

Task name

Priority

Task completes

Complete these tasks to increase your compliance in this policy.

Critical

No other tasks found.

Complete these tasks in Cyberday ISMS ->

How to comply with this requirement

In Cyberday, requirements and controls are mapped to universal tasks. Each requirement is fulfilled with one or multiple tasks.

Here's a list of tasks that help you comply with the requirement

27.(e): Dublējumi un šifrēšana

of the framework

Nacionālās kiberdrošības likums (Latvia)

Task name

Priority

Task completes

Complete these tasks to increase your compliance in this policy.

Critical

Encryption of backup data

Critical

High

Normal

Low

Technical cyber security

Encryption

Encryption of backup data

Članak 30.1.h: Kriptografije NIS2 Croatia

9.8 §: Salaus Kyberturvallisuuslaki

5.2.9: Backup and recovery management TISAX

30 § 3.8°: La cryptographie et du chiffrement NIS2 Belgium

2.9.4: Protect backups against intentional and unintentional deletion, manipulation and reading NSM ICT-SP

Encryption of laptops

Critical

High

Normal

Low

Technical cyber security

Encryption

Encryption of laptops

Članak 30.1.h: Kriptografije NIS2 Croatia

9.8 §: Salaus Kyberturvallisuuslaki

3.1.4: Management of IT and mobile data storage devices TISAX

30 § 3.8°: La cryptographie et du chiffrement NIS2 Belgium

2.7.3: Encrypt storage media which contain confidential data and which can easily be lost or compromised NSM ICT-SP

Regular testing, evaluation, and recovery instructions for backups

Critical

High

Normal

Low

Technical cyber security

Backups

Regular testing, evaluation, and recovery instructions for backups

Članak 30.1.c: Kontinuitet poslovanja NIS2 Croatia

9.10 §: Varmuuskopiointi ja jatkuvuuden hallinta Kyberturvallisuuslaki

5.2.9: Backup and recovery management TISAX

30 § 3.3°: La continuité et la gestion des crises NIS2 Belgium

2.9.3: Test backups regularly NSM ICT-SP

Documenting and delegating ownership of own backup processes

Critical

High

Normal

Low

Technical cyber security

Backups

Documenting and delegating ownership of own backup processes

Članak 30.1.c: Kontinuitet poslovanja NIS2 Croatia

9.10 §: Varmuuskopiointi ja jatkuvuuden hallinta Kyberturvallisuuslaki

5.2.9: Backup and recovery management TISAX

30 § 3.3°: La continuité et la gestion des crises NIS2 Belgium

2.9.1: Plan for regular backups of all the organisation’s data NSM ICT-SP

Encryption key inventory and management system

Critical

High

Normal

Low

Technical cyber security

Encryption

Encryption key inventory and management system

10.1.2: Key management ISO 27017

21.2.h: Encryption NIS2

CC6.1c: Technical security for protected information assets SOC 2

9.8 §: Salaus Kyberturvallisuuslaki

2.7.1: Establish crypto strategy in the organisation NSM ICT-SP

Good encryption key management practices

Critical

High

Normal

Low

Technical cyber security

Encryption

Good encryption key management practices

10.1.2: Key management ISO 27001

I12: Salausratkaisut Katakri

6.6.3: Tekniset vaatimukset Omavalvontasuunnitelma

TEK-16: Tiedon salaaminen Julkri

21.2.h: Encryption NIS2

Encryption of portable media

Critical

High

Normal

Low

Technical cyber security

Encryption

Encryption of portable media

8.3.1: Management of removable media ISO 27001

8.3.3: Physical media transfer ISO 27001

10.1.1: Policy on the use of cryptographic controls ISO 27001

PR.PT-2: Removable media NIST

A.11.4: Protecting data on storage media leaving the premises ISO 27018

Determining responsibilities for backing up important information assets

Critical

High

Normal

Low

Technical cyber security

Backups

Determining responsibilities for backing up important information assets

Članak 30.1.c: Kontinuitet poslovanja NIS2 Croatia

9.10 §: Varmuuskopiointi ja jatkuvuuden hallinta Kyberturvallisuuslaki

5.2.9: Backup and recovery management TISAX

30 § 3.3°: La continuité et la gestion des crises NIS2 Belgium

2.9.1: Plan for regular backups of all the organisation’s data NSM ICT-SP

Protection of data in transit

Critical

High

Normal

Low

Technical cyber security

Encryption

Protection of data in transit

PR.DS-2: Data-in-transit NIST

21.2.h: Encryption NIS2

Article 9a: Protection DORA

5.1.2: Information transfer TISAX

9.8 §: Salaus Kyberturvallisuuslaki

Encryption solution and guidelines for personnel to encrypt transferred information

Critical

High

Normal

Low

Technical cyber security

Encryption

Encryption solution and guidelines for personnel to encrypt transferred information

TEK-16: Tiedon salaaminen Julkri

21.2.h: Encryption NIS2

9.8 §: Salaus Kyberturvallisuuslaki

3.11: Encrypt Sensitive Data at Rest CIS 18

Članak 30.1.h: Kriptografije NIS2 Croatia

Revision of encryption methods and assessment of adequacy

Critical

High

Normal

Low

Technical cyber security

Encryption

Revision of encryption methods and assessment of adequacy

10.1.1: Policy on the use of cryptographic controls ISO 27001

8.24: Use of cryptography ISO 27001

21.2.h: Encryption NIS2

CC6.1c: Technical security for protected information assets SOC 2

5.1.1: Cryptography management TISAX

Complete these tasks in Cyberday ISMS ->

The ISMS component hierachy

When building an ISMS, it's important to understand the different levels of information hierarchy. Here's how Cyberday is structured.

Framework

Sets the overall compliance standard or regulation your organization needs to follow.

Requirements

Break down the framework into specific obligations that must be met.

Tasks

Concrete actions and activities your team carries out to satisfy each requirement.

Policies

Documented rules and practices that are created and maintained as a result of completing tasks.

Never duplicate effort. Do it once - improve compliance across frameworks.

Reach multi-framework compliance in the simplest possible way‍

Security frameworks tend to share the same core requirements - like risk management, backup, malware, personnel awareness or access management.

Cyberday maps all frameworks’ requirements into shared tasks - one single plan that improves all frameworks’ compliance.

Do it once - we automatically apply it to all current and future frameworks.

Start free trial