The document discusses integrating cybersecurity controls into an organization's Way of Working (WoW). It recommends defining cybersecurity goals and applying the NIST Cybersecurity Framework (CSF) and NIST Special Publication 800-53 controls. Specifically, the document suggests allocating controls to different object types like applications, platforms, and systems. It also advises converting controls into user stories and tests to integrate them into the software development lifecycle according to the WoW. The overall goal is to securely develop and operate systems using a risk-based approach aligned with the organization's processes.
Sales & Marketing Alignment: How to Synergize for Success
CyberSec object types & controls Belay controls as close as possible to Way of Working
1. CyberSec object types & controls
Belay controls as close as possible to Way of Working
Robert Kloots, Brussels
Nov 2022
Available for Interim Management