Comparative Assessment of US Cyber Incident Response Systems
Abstract
In today's world, cyber threats are becoming a serious issue for companies in all professional sectors. For all organisations, regardless of their field of activity, cyber threats in today's world are undoubtedly a significant challenge. Undoubtedly, modern organisations should set themselves the task of effectively countering cyber threats regardless of their professional industry. To effectively counter these threats, organisations must have effective incident response systems in place, including in cyberspace. There are many incident response frameworks in the US, each with its own advantages and disadvantages. This article offers a comparative analysis of the four leading US cyber incident response frameworks: NIST Cybersecurity Framework (CSF), CISA Cyber Incident Response Guide, ISO/IEC 27001 and NIST Special Publication 800-61. The purpose of the study is to provide organisations with an overview of the four leading incident response frameworks in the US so that they can choose the most appropriate framework for their specific needs. The research was conducted using a qualitative approach that included a thorough review of official documents, a review of relevant current literature, and consultation with cybersecurity professionals. This article is a valuable resource for organisations and companies looking for an effective and efficient method of responding to incidents, including cyber incidents. It provides an overview of the four leading frameworks in the US, allowing organisations to compare their advantages and disadvantages and ultimately choose the most appropriate framework for their specific objectives.
Downloads
References
eSentire, Inc. (2023). “2022 Official Cybercrime Report.” Retrieved (https://www.esentire.com/resources/library/2022-official-cybercrime-report).
American Public Power Association. (2021). “Public Power Cyber Incident Response Playbook” Retrieved (https://www.publicpower.org/resource/public-power-cyber-incident-response-playbook).
Nist, Gaithersburg Md. (2023). The NIST Cybersecurity Framework 2.0. https://doi.org/10.6028/NIST.CSWP.29.ipd.
NIST. (2021). “NIST SP 800-61 | NIST.” Retrieved (https://www.nist.gov/privacy-framework/nist-sp-800-61).
Cybersecurity and Infrastructure Security Agency CISA. (2021). “CISA Releases Incident and Vulnerability Response Playbooks to Strengthen Cybersecurity for Federal Civilian Agencies | CISA.” Retrieved (https://www.cisa.gov/news-events/news/cisa-releases-incident-and-vulnerability-response-playbooks-strengthen).
Information security, cybersecurity and privacy protection. Information security management systems. Requirements. ISO/IEC 27001. (2022). https://www.iso.org/standard/27001.
NIST. (2023). “Cybersecurity Framework Components | NIST.” Retrieved (https://www.nist.gov/cyberframework/online-learning/cybersecurity-framework-components).
Kosutic, Dejan. (2023). “What Is ISO 27001? A Detailed and Straightforward Guide.”. Retrieved (https://advisera.com/27001academy/what-is-iso-27001/).