This is an old revision of this page, as edited by Idoghor Melody (talk | contribs) at 18:51, 28 November 2024 (clean up, added Empty section (1) tag, typo(s) fixed: the the → the). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.
Revision as of 18:51, 28 November 2024 by Idoghor Melody (talk | contribs) (clean up, added Empty section (1) tag, typo(s) fixed: the the → the)(diff) ← Previous revision | Latest revision (diff) | Newer revision → (diff)A Cyber Security Management System is a form of Information security management system, particularly focussed on protecting automation and transport systems. The EU Cybersecurity Act, of 2019, led to the creation of UNECE working groups which developed the Cyber Security Management Systems (CSMS) concept (and also an approach for securing over-the-air updates of vehicle systems), which were formalised in UN Regulation 155.
Context
Security technologies, and threats, can evolve much more quickly than regulatory bodies; so the CSMS emphasises a system of technologies and processes which can adapt more quickly, without relying on a narrowly-defined list of technical controls in a standard. Consequently, the CSMS is intended to be technology-neutral, much like ISO 27001, unlike detailed technical security standards such as PCI DSS.
Framework
 | This section is empty. You can help by adding to it. (November 2024) |
See also
References
- https://www.msg-plaut.com/cybersecurity/cyber-security-management-systems-csms
- https://unece.org/sustainable-development/press/un-regulations-cybersecurity-and-software-updates-pave-way-mass-roll
- https://plaxidityx.com/blog/standards-and-compliance/unece-recommendation-on-software-update-processes/