Jump to content

Cyber Security Management System

Add links
From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by Bobrayner (talk | contribs) at 14:39, 28 November 2024 (New: Cyber Security Management System. I'll expand it a bit more...). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.
(diff) ← Previous revision | Latest revision (diff) | Newer revision → (diff)

A Cyber Security Management System is a form of Information security management system, particularly focussed on protecting automation and transport systems.[1]. The EU Cybersecurity Act, of 2019, led to the creation of UNECE working groups which developed the Cyber Security Management Systems (CSMS) concept (and also an approach for securing over-the-air updates of vehicle systems), which were formalised in UN Regulation 155.[2]


Context

Security technologies, and threats, can evolve much more quickly than regulatory bodies; so the the CSMS emphasises a system of technologies and processes which can adapt more quickly, without relying on a narrowly-defined list of technical controls in a standard.[3] Consequently, the CSMS is intended to be technology-neutral, much like ISO 27001, unlike detailed technical security standards such as PCI DSS.

Framework

See also


References

  1. ^ https://www.msg-plaut.com/cybersecurity/cyber-security-management-systems-csms
  2. ^ https://unece.org/sustainable-development/press/un-regulations-cybersecurity-and-software-updates-pave-way-mass-roll
  3. ^ https://plaxidityx.com/blog/standards-and-compliance/unece-recommendation-on-software-update-processes/

Further Reading

Retrieved from "https://en.wikipedia.org/w/index.php?title=Cyber_Security_Management_System&oldid=1260042310"