Cybersecurity is an emerging field within information security, as cybercrime continues to increase exponentially worldwide. Governments and institutions have launched many cybersecurity initiatives, ranging from standards to comprehensive legislation and regulation. To address the need for resources in cybersecurity, global IT association ISACA has released the European Cybersecurity Implementation Series.

The series is part of ISACA’s holistic Cybersecurity Nexus (CSX), a central resource where security professionals and their enterprises can find cybersecurity research, training and community. The series provides practical implementation guidance that is aligned with European Network and Information Security Agency (ENISA), European requirements and good practices. Four white papers and an audit/assurance program are included in the series:

• European Cybersecurity Implementation: Overview—This paper provides a high-level overview of implementing cybersecurity good practice in line with existing laws, standards and other guidance. It is complemented by the three detailed white papers that focus on risk guidance, resilience and assurance in cybersecurity, and the European Cybersecurity Audit/Assurance Program.
• European Cybersecurity Implementation: Assurance—Enterprises need assurance over their cybersecurity activities and initiatives, as part of enterprise governance, risk and compliance (GRC). This white paper addresses cybersecurity implementation to help contribute effectively to the enterprise’s protection against cyberattacks and breaches.
• European Cybersecurity Implementation: Resilience—In cybersecurity, resilience is the ability to absorb internal and external impacts, and to recover to normal operations in a controlled manner. This white paper addresses resilience in cybersecurity using the EU and national approaches toward critical information infrastructure and its protection.
• European Cybersecurity Implementation: Risk—Cybersecurity risk strategies should align with the overarching enterprise risk management strategy and framework. This white paper will help enterprises determine a manageable set of risk, based on risk scenarios that target known risk and emerging and future risk factors that might arise in the context of cybersecurity.
• European Cybersecurity Audit/Assurance Program (available soon)—Based on ISACA’s IT Assurance Framework (ITAF), this program helps provide management with an assessment of the effectiveness of cybersecurity and related governance, management and assurance. The review focuses on cybersecurity standards, guidelines and procedures, and aligns with ISACA’s COBIT 5 framework.

“Organizations need to transform their cybersecurity to keep up with advanced threats, changing regulations and good practices, and this ISACA guidance helps them do that,” said Rolf von Roessing, CISA, CISM, CGEIT, president of Forfa AG and past international vice president of ISACA. “European organizations will find valuable implementation guidance in these white papers.”

The white papers are free of charge and can be found at www.isaca.org/whitepapers. ISACA audit/assurance programs are free to ISACA members and available for purchase by nonmembers, and can be found at www.isaca.org/auditprograms.

ISACA’s CSX can be found at www.isaca.org/cyber. Current and upcoming CSX materials include Cybersecurity Fundamentals Certificate study guide (August 2014) and the Cybersecurity Fundamentals Certificate exam (October 2014).

COBIT 5 resources can be found at www.isaca.org/COBIT.

About ISACA

With more than 115,000 constituents in 180 countries, ISACA^® (www.isaca.org) helps business and IT leaders build trust in, and value from, information and information systems. Established in 1969, ISACA is the trusted source of knowledge, standards, networking, and career development for information systems audit, assurance, security, risk, privacy and governance professionals. ISACA offers the Cybersecurity Nexus^™, a comprehensive set of resources for cybersecurity professionals, and COBIT^®, a business framework that helps enterprises govern and manage their information and technology. ISACA also advances and validates business-critical skills and knowledge through the globally respected CISA^®, CISM^®, CGEIT^® and CRISC^™ credentials.

Twitter: https://twitter.com/ISACANews