Interdependencies between essential and important entities
ENISA Interdependencies Indicators Tool
NIST Cybersecurity Framework Description | EXAMPLE OF IMPLEMENTATION |
---|---|
Cybersecurity is included in human resources practices (e.g., deprovisioning, personnel screening)
Security policies (that address purpose, scope, roles, responsibilities, management commitment, and coordination among organisational entities), processes, and procedures are maintained and used to manage protection of information systems and assets. |
The larger the number of users affected by an incident, more important it is to integrate cybersecurity in human ressources practices of a company |
Privileged users understand roles & responsibilities
The organisation’s personnel and partners are provided cybersecurity awareness education and are trained to perform their cybersecurity-related duties and responsibilities consistent with related policies, procedures, and agreements |
The number of users that understand roles and responsabilities is key in defining a solid cyber security strategy |
All users are informed and trained
The organisation’s personnel and partners are provided cybersecurity awareness education and are trained to perform their cybersecurity-related duties and responsibilities consistent with related policies, procedures, and agreements |
The number of users informed and trained reduce drastically the number of users likely to be affected by an incident |