Volume 18, No. 6, 2021
A Review on NIST, ISO 27001, HIPAA and MITRE ATT&CK Cybersecurity Frameworks
Gurinder Pal Singh , Vishal Bharti , Manish Kumar Hooda
Abstract
The aim of this review paper is to discuss Cybersecurity threats, defenses, and some of the security frameworks. Today, the wars between the nations are not on the fields; they are through cyber wars to breach the confidential information of their enemies and use it when required. “Various guidelines and security frameworks have been created to protect the confidentiality, integrity, and availability of Information systems”. Today we face cyber-attacks in every field, whether it’s a space (satellite), the air (aviation system), under water (submarines) or on the surface. The world is connected, so it is vulnerable. If you are not connected to any device or network, that means you are safe in today’s world. To mitigate the cyber threats or cyber-attacks, many security frameworks have been developed. A cybersecurity framework is a predefined structure that contains the processes, practices, and technologies that enterprises can use to protect their networks and computer systems from security threats. We discussed some of the security frameworks like ISO 27001, NIST, MITRE ATT&CK, HIPAA etc. and their use to counter cyber-attacks.
Pages: 1872-1880
Keywords: Cyber-attack, Security Framework, MITRE ATT&CK, NIST, ISO 27001