Cyber Security Management System

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

A Cyber Security Management System is a form of Information security management system, particularly focussed on protecting automation and transport systems.[1] The EU Cybersecurity Act, of 2019, led to the creation of UNECE working groups which developed the Cyber Security Management Systems (CSMS) concept (and also an approach for securing over-the-air updates of vehicle systems), which were formalised in UN Regulation 155.[2]

Context

[edit | edit source]

Security technologies, and threats, can evolve much more quickly than regulatory bodies; so the CSMS emphasises a system of technologies and processes which can adapt more quickly, without relying on a narrowly defined list of technical controls in a standard.[3] Consequently, the CSMS is intended to be technology-neutral, much like ISO 27001, unlike detailed technical security standards such as PCI DSS.

See also

[edit | edit source]

References

[edit | edit source]
  1. ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
  2. ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
  3. ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).

Further reading

[edit | edit source]
Retrieved from "http://70.231.62.181/index.php?title=Cyber_Security_Management_System&oldid=19585548"