logo

Frameworks (9)

There are so many Frameworks - Which one should I pick?

Picking a cyber security framework

National Institute of Standards and Technology (NIST) Cybersecurity Framework (NIST CSF)

National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, Security and Privacy Controls for Information Systems and Organizations

International Organization for Standardization (ISO) 27001/27002

  • ISO/IEC 27001:2022 - Information security, cybersecurity and privacy protection — Information security management systems — Requirements
  • ISO/IEC 27002:2022 - Information security, cybersecurity and privacy protection — Information security controls

Secure Controls Framework (SCF)

CIS - Centre for Internet Security Controls

NHS Data Security and Protection Toolkit (DSPT)

MITRE ATT&CK (ATTACK)

A knowledge base of adversary tactics and techniques

MITRE D3FEND (DEFEND)

A knowledge graph of cybersecurity countermeasures

ISO CC Common Criteria ISO/IEC 15408-1:2022