Jump to content

Cyber Security Management System

Add links
From Wikipedia, the free encyclopedia
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

A Cyber Security Management System is a form of Information security management system, particularly focussed on protecting automation and transport systems.[1] The EU Cybersecurity Act, of 2019, led to the creation of UNECE working groups which developed the Cyber Security Management Systems (CSMS) concept (and also an approach for securing over-the-air updates of vehicle systems), which were formalised in UN Regulation 155.[2]

Context

Security technologies, and threats, can evolve much more quickly than regulatory bodies; so the CSMS emphasises a system of technologies and processes which can adapt more quickly, without relying on a narrowly-defined list of technical controls in a standard.[3] Consequently, the CSMS is intended to be technology-neutral, much like ISO 27001, unlike detailed technical security standards such as PCI DSS.

Framework

See also

References

  1. ^ "Automotive".
  2. ^ "UN Regulations on Cybersecurity and Software Updates to pave the way for mass roll out of connected vehicles | UNECE".
  3. ^ "UNECE Recommendation on Software Update Processes - Argus". 26 May 2020.

Further reading

Retrieved from "https://en.wikipedia.org/w/index.php?title=Cyber_Security_Management_System&oldid=1278827451"