ДСТУ ISO/IEC TS 27100:2023 Информационные технологии. Кибербезопасность. Обзор и понятия (ISO/IEC TS 27100:2020, IDT)

ДСТУ ISO/IEC TS 27100:2023
(ISO/IEC TS 27100:2020, IDT)

Інформаційні технології. Кібербезпека. Огляд і поняття

 
   
 
Не є офіційним виданням.
Офіційне видання розповсюджує національний орган стандартизації
(ДП «УкрНДНЦ» http://uas.gov.ua)

Contents

Foreword

Introduction

1 Scope

2 Normative references

3 Terms and definitions

4 Concepts

4.1 Cyberspace

4.2 Cybersecurity

5 Relationship between cybersecurity and relevant concepts

5.1 Relationship between information security and cybersecurity

5.2 Relationship between ISMS and cybersecurity

5.3 Cybersecurity framework

5.4 Cybersecurity and safety

5.5 Cyber insurance

6 Risk management approach in the context of cybersecurity

6.1 General

6.2 Threat identification

6.3 Risk identification

7 Cyber threats

7.1 General

7.2 General business organization

7.3 Industrial organization and industrial automation and control systems

7.4 Products, services, and supplier relationships

7.5 Telecommunications services/internet service providers

7.6 Public authorities

7.7 Critical infrastructure

7.8 Individual person

8 Incident management in cybersecurity

8.1 General

8.2 Incident management within an organization

8.3 Cross-organizational coordination

8.4 Technical support by product and service supplier

Annex A (informative) A layered model representing cyberspace

Bibliography