Youtube search...

• Cybersecurity ... OSINT ... Frameworks ... References ... Offense ... NIST ... DHS ... Screening ... Law Enforcement ... Government ... Defense ... Lifecycle Integration ... Products ... Evaluating
• Risk, Compliance and Regulation ... Ethics ... Privacy ... Law ... AI Governance ... AI Verification and Validation
• Telecommunications ... Computer Networks ... 5G ... Satellite Communications ... Quantum Communications ... Agents ... AI Broadcast; Radio, Stream, TV
• Artificial General Intelligence (AGI) to Singularity ... Curious Reasoning ... Emergence ... Moonshots ... Explainable AI ... Automated Learning
• Libraries & Frameworks Overview ... Libraries & Frameworks ... Git - GitHub and GitLab ... Other Coding options
• Development ... Notebooks ... AI Pair Programming ... Codeless ... Hugging Face ... AIOps/MLOps ... AIaaS/MLaaS
• MITRE ATT&CK™
• 23 Top Cybersecurity Frameworks | CyberExperts.com
• Align to a Framework: Plan a Cybersecurity Roadmap's Route | CIS
• CIS Controls
• CIS Cybersecurity Roadmap
• NIST FedRAMP| NIST ... security for the cloud
• NIST Cybersecurity Framework| NIST - consists of standards, guidelines, and best practices to manage cybersecurity-related risk.
• Introduction to the Framework Roadmap | NIST
• FIPS 140-2 Security Requirements for Cryptographic Modules| NIST]
• ISO/IEC 27001
• ISO/IEC 15408-1 ISO/IEC Information Technology Task Force (ITTF)
• SABSA
• TOGAF
• Microsoft Cybersecurity Reference Architectures| Microsoft
• Zero Trust Rapid Modernization Plan| Microsoft
• Cybersecurity Reference Architecture | Microsoft
• Microsoft Cybersecurity Reference Architectures - Security | Microsoft
• United States Computer Emergency Readiness Team (US-CERT)
• OASIS Cyber Threat Intelligence (CTI) TC OpenC2
• Using the Cybersecurity Framework | DHS
• How STIX, TAXII and CybOX Can Help With Standardizing Threat Information

NOTE: Not necessarily restricted to artificial intelligence-based solutions.

Important Tools

Cybersecurity frameworks, architectures and roadmaps are important tools for organizations to improve their security posture and manage cyber risks. Here is some information about them from various sources:

Cybersecurity Frameworks

A cybersecurity framework is a set of standards, guidelines and best practices that help organizations to assess and improve their ability to prevent, detect and respond to cyber threats. A cybersecurity framework can help organizations to:

• Define their current and desired security state
• Identify and prioritize gaps and risks
• Align security activities with business goals and requirements
• Communicate and collaborate with internal and external stakeholders
• Demonstrate compliance with regulations and industry standards

Some examples of cybersecurity frameworks are:

• NIST Cybersecurity Framework (CSF): A voluntary framework developed by the National Institute of Standards and Technology (NIST) for critical infrastructure sectors in the US, but widely adopted by other sectors and countries as well. The CSF consists of five core functions: Identify, Protect, Detect, Respond and Recover. Each function has a set of categories, subcategories and informative references that provide guidance on specific security outcomes.
  • NIST Cybersecurity Framework 2.0 Reference Tool | NIST ... allows users to explore the Draft CSF 2.0 Core (Functions, Categories, Subcategories, Implementation Examples) and offers human and machine-readable versions of the draft Core (in both JSON and Excel formats). Currently, the tool allows users to view and export portions of the Core using key search terms. This tool will ultimately enable users to create their own version of the CSF 2.0 Core with selected Informative References and will provide a simple and streamlined way for users to explore different aspects of the CSF Core.
• ISO/IEC 27001: An international standard for information security management systems (ISMS) that specifies the requirements for establishing, implementing, maintaining and improving an ISMS. The standard covers all aspects of information security, including risk assessment, policies, procedures, controls, monitoring, auditing and improvement. The standard also provides a certification scheme for organizations that want to demonstrate their compliance.
• CIS Controls: A set of 20 prioritized and actionable security controls developed by the Center for Internet Security (CIS) based on the most common and effective practices observed in real-world incidents. The CIS Controls cover both technical and organizational aspects of security, such as inventory, configuration, vulnerability management, access control, incident response and awareness training. The CIS Controls also provide implementation guidance for different types of organizations, such as small businesses, enterprises and cloud environments.

Cybersecurity Architectures

A cybersecurity architecture is a design or blueprint that describes how security components and processes are organized, integrated and configured to protect an organization's assets, data and operations from cyber threats. A cybersecurity architecture can help organizations to:

• Define the scope and boundaries of their security domain
• Identify and classify their assets, data and operations
• Select and implement appropriate security controls and technologies
• Define roles and responsibilities for security management and operations
• Establish security policies, standards and procedures
• Monitor and measure security performance and effectiveness

Some examples of cybersecurity architectures are:

• Microsoft Cybersecurity Reference Architectures (MCRA): A set of detailed technical diagrams that describe Microsoft's cybersecurity capabilities and how they integrate with Microsoft platforms and third-party platforms, such as Microsoft 365, Azure, ServiceNow, Salesforce, AWS and GCP. The MCRA covers various topics such as zero trust user access, security operations, operational technology (OT), multi-cloud and cross-platform capabilities, attack chain coverage, Azure native security controls and security organizational functions.
• SABSA: A framework and methodology for developing business-driven, risk-based and architecture-led security solutions. SABSA stands for Sherwood Applied Business Security Architecture. The framework consists of six layers: contextual (business), conceptual (architecture), logical (design), physical (implementation), component (build) and operational (management). Each layer has a set of attributes that define the security requirements, objectives, functions, services, components and metrics.
• TOGAF: A framework for enterprise architecture that provides a comprehensive approach to planning, designing, implementing and governing an organization's information technology. TOGAF stands for The Open Group Architecture Framework. The framework consists of four domains: business (strategy), data (information), application (system) and technology (infrastructure). Each domain has a set of principles, standards, models and views that guide the architecture development process.

Cybersecurity Roadmaps

A cybersecurity roadmap is a plan or strategy that outlines the steps and actions that an organization needs to take to achieve its security goals and objectives. A cybersecurity roadmap can help organizations to:

• Align their security initiatives with their business vision and mission
• Communicate their security vision and direction to stakeholders
• Prioritize their security investments and resources
• Track their progress and performance against their targets
• Adapt to changing threats, technologies and business needs

Some examples of cybersecurity roadmaps are:

• NIST Cybersecurity Framework Roadmap: A companion document to the NIST CSF that identifies key activities planned for improving and enhancing the CSF. The roadmap is not exhaustive in describing all planned activities within NIST but focuses on high-priority areas for development, alignment and collaboration. The roadmap version 1.1 identifies 14 areas such as confidence mechanisms, cyberattack lifecycle, cybersecurity workforce, cyber supply chain risk management, federal agency cybersecurity alignment, governance and enterprise risk management etc.
• Zero Trust Rapid Modernization Plan (RaMP): A part of the MCRA that provides a practical and actionable approach to implementing zero trust principles and practices in an organization. The RaMP consists of four phases: assess, plan, execute and optimize. Each phase has a set of steps, activities and deliverables that help organizations to define their zero trust vision, identify their current state and gaps, prioritize and implement zero trust capabilities and measure and improve their zero trust maturity.
• CIS Cybersecurity Roadmap: A guide for small and medium-sized businesses (SMBs) to improve their cybersecurity posture using the CIS Controls. The roadmap provides a simple and practical way to implement the CIS Controls based on three levels of security maturity: basic, foundational and organizational. The roadmap also provides tips, resources and tools to help SMBs with their security journey.

Making Sense

Trusted Internet Connections (TIC) 3

• Trusted Internet Connections | Cybersecurity & Infrastructure Security Agency, Department of Homeland Security (DHS)

Zero Trust

YouTube ... Quora ...Google search ...Google News ...Bing News

• Perspective ... Context ... In-Context Learning (ICL) ... Transfer Learning ... Out-of-Distribution (OOD) Generalization
• Causation vs. Correlation ... Autocorrelation ...Convolution vs. Cross-Correlation (Autocorrelation)
• Policy ... Policy vs Plan ... Constitutional AI ... Trust Region Policy Optimization (TRPO) ... Policy Gradient (PG) ... Proximal Policy Optimization (PPO)
• Architectures for AI ... Enterprise Architecture (EA) ... Enterprise Portfolio Management (EPM) ... Architecture and Interior Design
• Immersive Reality ... Metaverse ... Omniverse ... Transhumanism ... Religion
• Telecommunications ... Computer Networks ... 5G ... Satellite Communications ... Quantum Communications ... Communication Agents ... Smart Cities ... Digital Twin ... Internet of Things (IoT)
• Risk, Compliance and Regulation ... Ethics ... Privacy ... Law ... AI Governance ... AI Verification and Validation
• Cybersecurity ... OSINT ... Frameworks ... References ... Offense ... NIST ... DHS ... Screening ... Law Enforcement ... Government ... Defense ... Lifecycle Integration ... Products ... Evaluating
• Zero Trust Architecture | NIST
• Conditional Access design principles and dependencies | Microsoft
• Zero trust security model | Wikipedia

Zero Trust architecture is a cybersecurity approach that assumes breaches will occur and uses risk-based access controls to limit the damage from an attack. Instead of only guarding an organization’s perimeter, Zero Trust architecture protects each file, email, and network by authenticating every identity and device. Rather than just securing one network, Zero Trust architecture also helps secure remote access, personal devices, and third-party apps. The principles of Zero Trust are: Verify explicitly, Use least privileged access, Assume breach and Require end-to-end encryption.

Part of... software-defined networking (SD-WAN) and Secure Access Service Edge (SASE). SASE delivers wide-area networking with cybersecurity both on-site and in the cloud as DoD expands its reliance on cloud data storage. One of the key tenants of zero trust involves identity. Thunderdome will use identity verification, including public key infrastructure (PKI), which uses a certificate to validate data being sent from one point to another, and identity credentialing and access management (ICAM). ICAM verifies a person’s identity and links them to their allowed access privileges. - Thunderdome hits its targets, DISA moves to next phase of zero trust | Alexandra Lohr - Federal New Network

• Software-defined networking (SD-WAN)
• What Is Secure Access Service Edge (SASE)? | CISCO ... a network architecture that combines VPN and SD-WAN capabilities with cloud-native security functions such as secure web gateways, cloud access security brokers, firewalls, and zero-trust network access. These functions are delivered from the cloud and provided as a service by the SASE vendor.
• Identity credentialing and access management (ICAM) ... ensure that the right person with the right privileges can access the right information at the right time
• Thunderdome is a network architecture program; laying a zero-trust technology foundation
• US Defense Information Systems Agency (DISA)

Other Cybersecurity

• Increasing International Cooperation in Cybersecurity and Adapting Cyber Norms
• Cybersecurity Systems Security | MIT
• 11 Steps Attackers Took to Crack Target - stolen credentials of an HVAC vendor | CIO