Information security standards

Information security standards (also cyber security standards^[1]) are techniques generally outlined in published materials that attempt to protect a user's or organization's cyber environment.^[2] This environment includes users themselves, networks, devices, all software, processes, information in storage or transit, applications, services, and systems that can be connected directly or indirectly to networks.

The principal objective is to reduce the risks, including preventing or mitigating cyber-attacks. These published materials comprise tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance, and technologies.

^ "Guidelines for Smart Grid Cyber Security" (PDF). National Institute of Standards and Technology. September 2014. doi:10.6028/NIST.IR.7628r1. Retrieved 28 November 2023.
^ "ITU-T Recommendation database".

[NIST-1] "Guidelines for Smart Grid Cyber Security" (PDF). National Institute of Standards and Technology. September 2014. doi:10.6028/NIST.IR.7628r1. Retrieved 28 November 2023.

[2] "ITU-T Recommendation database".

[1]

[2]