Revision as of 14:39, 28 November 2024 editBobrayner (talk | contribs)Autopatrolled, Extended confirmed users, Pending changes reviewers, Rollbackers53,706 edits New: Cyber Security Management System. I'll expand it a bit more... | Latest revision as of 01:15, 9 December 2024 edit undoWikiCleanerBot (talk | contribs)Bots925,164 editsm v2.05b - Bot T5 CW#16 - Fix errors for CW project (Unicode control characters)Tag: WPCleaner | ||
(2 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
A '''Cyber Security Management System''' is a form of ], particularly focussed on protecting automation and transport systems.<ref>https://www.msg-plaut.com/cybersecurity/cyber-security-management-systems-csms</ref> |
A '''Cyber Security Management System''' is a form of ], particularly focussed on protecting automation and transport systems.<ref>{{cite web | url=https://www.msg-plaut.com/cybersecurity/cyber-security-management-systems-csms | title=Automotive }}</ref> The EU Cybersecurity Act, of 2019, led to the creation of ] working groups which developed the Cyber Security Management Systems (CSMS) concept (and also an approach for securing over-the-air updates of vehicle systems), which were formalised in ].<ref>{{cite web | url=https://unece.org/sustainable-development/press/un-regulations-cybersecurity-and-software-updates-pave-way-mass-roll | title=UN Regulations on Cybersecurity and Software Updates to pave the way for mass roll out of connected vehicles | UNECE }}</ref> | ||
==Context== | ==Context== | ||
Security technologies, and threats, can evolve much more quickly than regulatory bodies; so |
Security technologies, and threats, can evolve much more quickly than regulatory bodies; so the CSMS emphasises a system of technologies and processes which can adapt more quickly, without relying on a narrowly-defined list of technical controls in a standard.<ref>{{cite web | url=https://plaxidityx.com/blog/standards-and-compliance/unece-recommendation-on-software-update-processes/ | title=UNECE Recommendation on Software Update Processes - Argus | date=26 May 2020 }}</ref> Consequently, the CSMS is intended to be technology-neutral, much like ], unlike detailed technical security standards such as ]. | ||
==Framework== | ==Framework== | ||
{{Empty section|date=November 2024}} | |||
==See also== | ==See also== | ||
Line 13: | Line 13: | ||
* ] | * ] | ||
* ] | * ] | ||
==References== | ==References== | ||
{{reflist}} | {{reflist}} | ||
==Further |
==Further reading== | ||
* | * | ||
Latest revision as of 01:15, 9 December 2024
A Cyber Security Management System is a form of Information security management system, particularly focussed on protecting automation and transport systems. The EU Cybersecurity Act, of 2019, led to the creation of UNECE working groups which developed the Cyber Security Management Systems (CSMS) concept (and also an approach for securing over-the-air updates of vehicle systems), which were formalised in UN Regulation 155.
Context
Security technologies, and threats, can evolve much more quickly than regulatory bodies; so the CSMS emphasises a system of technologies and processes which can adapt more quickly, without relying on a narrowly-defined list of technical controls in a standard. Consequently, the CSMS is intended to be technology-neutral, much like ISO 27001, unlike detailed technical security standards such as PCI DSS.
Framework
This section is empty. You can help by adding to it. (November 2024) |
See also
References
- "Automotive".
- "UN Regulations on Cybersecurity and Software Updates to pave the way for mass roll out of connected vehicles | UNECE".
- "UNECE Recommendation on Software Update Processes - Argus". 26 May 2020.