Top 4 cybersecurity frameworks

Many organizations have to comply with a mixture of state, industry-specific, and international cybersecurity regulations. The challenge for an organization trading nationally, or even globally, is considerable.

According to Tenable’s Trends in Security Framework Adoption Survey, 84% of organizations in the US use a security framework, and 44% use more than one.

The most cyber secure sector

Of all the companies considered in the survey, those in the banking and finance sector most frequently adopted security frameworks (16%), followed closely by information technology (15%). The health care and medical sector was the worst, with 27% not having any framework in place at all.

The top four cybersecurity frameworks

The most frequently adopted frameworks should come as no surprise to security practitioners:

  1. PCI DSS (47%)
  2. ISO 27001/27002 (35%)
  3. CIS Critical Security Controls (32%)
  4. NIST Framework for Improving Critical Infrastructure Security (29%)

Does company size matter?

Companies with more than 10,000 employees are slightly more likely to have adopted a security framework (90%), but even smaller companies with fewer than 1,000 employees report significant rates of adoption (77%).

Complying with multiple cybersecurity regulations

As the number of cyber attacks continues to rise, businesses are under increasing pressure to protect their systems from cyber attacks and data misuse. But the challenge of complying with multiple cybersecurity regulations is considerable.

The ISO 27001 Cybersecurity Documentation Toolkit will help you fulfill your cybersecurity obligations, build a robust cybersecurity management system, and comply with:

  • NIST SP 800-53
  • New York Department of Financial Services Cybersecurity Requirements for Financial Services Companies
  • Massachusetts 201 CMR 17.00: Standards for the Protection of Personal Information of Residents of the Commonwealth
  • ISO 27001, the internationally recognized cybersecurity framework

Containing customizable templates developed by industry experts, this toolkit provides a framework for you to build a robust management system that complies with multiple regulations.

Lead your ISO 27001 project with Lead Implementer training

This three-day live online course will help you implement an information security management system (ISMS), allowing your business to achieve and demonstrate compliance with key legislation where data security is essential, including the New York DFS Cybersecurity Requirements (23 NYCRR 500), NIST SP 800-53, FedRAMP, and the Sarbanes–Oxley Act.

Lead your organization's ISO 27001 project today!