Overview of Threat Landscape
03.10.2022
Date and time
Protecting an Organization
Security Chain
1. People
2. Processes
3. Technologies
Hackers evaluate the security chain to find the weakest link
so they can easily achieve their goals. Organizations must therefore
take a Defense in Depth approach when protecting their assets,
people, processes, and technologies.
2 Legal & Regulatory Compliance
EU GDPR (Regulation)
Understanding the laws available and how they apply to your organization is a must.
Applicability:
Businesses that collect, process, or store any EU citizen’s personal data, regardless of the company’s physical location or country, must comply with the EU GDPR.
Self Assessment:
Does the EU GDPR apply to your business?
What type of data from EU citizens does your business collect, process, or store?
Is any of that data collected, processed, or stored outside the EU?
Legal and Regulatory Compliance
Frameworks
Understanding the governance frameworks available and how they apply to your organisation is a
must.
As part of IT Governance, due care, and due diligence, an organization needs to implement or
improve a cybersecurity program to protect its business. The following are industry-standard,
widely accepted and widely used frameworks that an organization can adopt.
NIST CSF
ISO/IEC 27000 Series
COBIT
ISO/IEC 38500
3 Building a Cyber Security Profile
Orient
and damage
and everyone has a role to play in keeping