top of page

Cyber Security

Frameworks & Standards

We use the following accepted frameworks and standards as a baseline for cybersecurity reviews and based on client specific considerations.
 

  • ISO/IEC 27000

This international standard provides a series of best practices to help organizations improve their information security.
ISO/IEC 27001 explains the best practices in information security.
ISO/IEC 27002 explains the information security controls that organizations might choose to implement.
ISO/IEC 27017 & ISO/IEC 27018 explain how organizations should protect sensitive information in the Cloud.
ISO/IEC 27701 covers what organizations need to do when implementing Privacy Information Management Systems

 

  • NIST SP 800-53 rev.4

Even though specific to U.S. government agencies, the NIST SP 800-53 model could be applied in any industry and should not be overlooked by companies looking to build an information security program.

Cybersecurity service provider,  Edmonton, Alberta Canada

4etsecframe.jpg

​

  • NIST CSF

This cybersecurity framework focuses on risk analysis and risk management. The security controls included in this framework are based on the defined phases of risk management: identify, protect, detect, respond and recovery.
 

  • CIS Controls

This framework does not address risk analysis or risk management like the NIST CSF, and is solely focused on hardening technical infrastructure to reduce risk and increase resiliency.

​

  • OWASP ASVS

This OWASP application security verification standard provides a basis for testing application technical security controls, as well as any technical security controls in the environment, that are relied on to protect against vulnerabilities such as Cross-Site Scripting (XSS) and SQL injection. This standard can be used to establish a level of confidence in the security of Web applications. 

gap-analysis.png
  • Facebook
  • Twitter
  • LinkedIn

Cybersecurity service provider,  Edmonton, Alberta Canada

© Copyright 2020 by 4ET Cybersecurity Inc. 

bottom of page