NIST
C.1 Threat Sources C.2 Vulnerabilities and Predisposing Conditions C.2.1. Policy and Procedure Vulnerabilities and Predisposing Conditions C.2.2. System Vulnerabilities and Predisposing Conditions アーキテクチャおよび設計上の脆弱性 設定お…
6.1 Identify (ID) 6.1.1 Asset Management (ID.AM) 6.1.2 Governance (ID.GV) 6.1.3 Risk Assessment (ID.RA) 6.1.4 Risk Management Strategy (ID.RM) 6.1.5 Supply Chain Risk Management (ID.SC) 6.2 Protect (PR) 6.2.1 Identity Management and Access…
5.2 Defense-in-Depth Architecture Capabilities 5.2.2 Layer 2 – Physical Security 5.2.3 Layer 3 – Network Security 5.2.3.1 Network Architecture 5.4 Cybersecurity Architecture Models OT環境向けのセキュリティ管理策と推奨事項について、ふわっと…
4.1 Managing OT Security Risk 4.1.1 Framing OT Risk 4.1.2 Assessing Risk in an OT Environment 4.1.3 Responding to Risk in an OT Environment 4.1.4 Monitoring Risk in an OT Environment 4.2 Special Areas for Consideration 4.2.1 Supply Chain R…
3.1 Establish a Charter for the OT Cybersecurity Program 3.2 Business Case for the OT Cybersecurity Program 3.2.1 Benefits of Cybersecurity Investments 物理的影響(Physical impacts) 経済的影響(Economic impacts) 社会的影響(Social impacts) 3.…
アメリカのNISTが公開しているOTセキュリティに関するガイドラインを読みながら考えたメモ。 csrc.nist.gov このブログポストを見る前に、まずは実際にNIST SP 800-82を全文読んでいただきたい。 2. OT Overview 2.1 Evolution of OT 2.2 OT-Based Systems a…
