The current (Jan 2012) issue of GE measurement and control's Orbit magazine (1601) includes an introduction to cyber security. This begins with a bewilderingly long list of standards and regulations that impact cyber security. Risk management and defense-in-depth are essential strategies with NIST SP800-37 a framework for information system security risks. 'Defense in depth' involves multiple layers-network, host computer and application defense. GE uses 'misuse' and 'abuse case' scenarios to identify security requirements.
展开▼
机译:目前,GE Measurement and Control的《轨道》杂志(1601)(2012年1月)包括网络安全简介。首先是影响网络安全的一长串令人迷惑的标准和法规。风险管理和深度防御是NIST SP800-37(信息系统安全风险框架)的基本策略。 “纵深防御”涉及多个层次-网络,主机和应用程序防御。 GE使用“滥用”和“滥用案例”方案来确定安全要求。
展开▼
