Information security standards

Information security standards (also cyber security standards^[1]) are techniques generally outlined in published materials that attempt to protect the cyber environment of a user or organization.^[2] This environment includes users themselves, networks, devices, all software, processes, information in storage or transit, applications, services, and systems that can be connected directly or indirectly to networks.

The principal objective is to reduce the risks, including preventing or mitigating cyber-attacks. These published materials consist of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies.

^ "Guidelines for Smart Grid Cyber Security" (PDF). National Institute of Standards and Technology. September 2014. doi:10.6028/NIST.IR.7628r1. Retrieved 28 November 2023.
^ "ITU-T Recommendation database".

[NIST-1] "Guidelines for Smart Grid Cyber Security" (PDF). National Institute of Standards and Technology. September 2014. doi:10.6028/NIST.IR.7628r1. Retrieved 28 November 2023.

[2] "ITU-T Recommendation database".

[1]

[2]