NERC CIP-002 through CIP-014 Revision 6_CIP-014-2 2.4

NERC CIP-002 through CIP-014 Revision 6 Physical Security CIP-014-2 2.4 2.4. Each Transmission Owner shall implement procedures, such as the use of non-disclosure agreements, for protecting sensitive or confidential information made available to the unaffiliated third party verifier and to protect or exempt sensitive or confidential information developed pursuant to this Reliability Standard from public disclosure. M2. Examples of acceptable evidence may include, but are not limited to, dated written or electronic…

NIST 800-53_CM-5(5)

NIST 800-53 Configuration Management CM-5(5) Access Restrictions for Change | Privilege Limitation for Production and Operation (a) Limit privileges to change system components and system-related information within a production or operational environment; and (b) Review and reevaluate privileges [Assignment: organization-defined frequency].

PCI (Payment Card Industry Security Standard)_Req 8.3.2

PCI (Payment Card Industry Security Standard) Identify and authenticate access to system components Req 8.3.2 8.3.2 Incorporate multi-factor authentication for all remote network access (both user and administrator, and including third-party access for support or maintenance) originating from outside the entity’s network. This requirement is intended to apply to all personnel, including general users, administrators, and vendors (for support or maintenance) with remote access to the network, where that remote access could lead to…

NIST 800-53_AC-4(19)

NIST 800-53 Access Control AC-4(19) Information Flow Enforcement | Validation of Metadata When transferring information between different security domains, implement [Assignment: organization-defined security or privacy policy filters] on metadata.

NIST 800-53_SI-12(1)

NIST 800-53 System and Information Integrity SI-12(1) Information Management and Retention | Limit Personally Identifiable Information Elements Limit personally identifiable information being processed in the information life cycle to the following elements of personally identifiable information: [Assignment: organization-defined elements of personally identifiable information].

NIST 800-172_3.1.3e

NIST 800-172 3.1 ACCESS CONTROL 3.1.3e Employ [Assignment: organization-defined secure information transfer solutions] to control information flows between security domains on connected systems. Organizations employ information flow control policies and enforcement mechanisms to control the flow of information between designated sources and destinations within systems and between connected systems. Flow control is based on the characteristics of the information and/or the information path. Enforcement occurs, for example, in boundary protection devices that…

NIST 800-53_SC-30(5)

NIST 800-53 System and Communications Protection SC-30(5) Concealment and Misdirection | Concealment of System Components Employ the following techniques to hide or conceal [Assignment: organization-defined system components]: [Assignment: organization-defined techniques].

PCI (Payment Card Industry Security Standard)_Req 3.2.1

PCI (Payment Card Industry Security Standard) Protect stored cardholder data Req 3.2.1 3.2.1 Do not store the full contents of any track (from the magnetic stripe located on the back of a card, equivalent data contained on a chip, or elsewhere) after authorization. This data is alternatively called full track, track, track 1, track 2, and magnetic-stripe data. Note: in the normal course of business, the following data elements from the magnetic…

NIST 800-53_AC-2(9)

NIST 800-53 Access Control AC-2(9) Account Management | Restrictions on Use of Shared and Group Accounts Only permit the use of shared and group accounts that meet [Assignment: organization-defined conditions for establishing shared and group accounts].

NIST 800-53_SC-44

NIST 800-53 System and Communications Protection SC-44 Detonation Chambers Employ a detonation chamber capability within [Assignment: organization-defined system, system component, or location].

NIST-CSF_RS.IM-2

NIST-CSF Improvements (RS.IM) RS.IM-2: Response strategies are updated

NIST 800-53_AT-2(1)

NIST 800-53 Awareness and Training AT-2(1) Literacy Training and Awareness | Practical Exercises Provide practical exercises in literacy training that simulate events and incidents.

NIST 800-53_SA-11

NIST 800-53 System and Services Acquisitions SA-11 Developer Testing and Evaluation Require the developer of the system, system component, or system service, at all post-design stages of the system development life cycle, to: a. Develop and implement a plan for ongoing security and privacy control assessments; b. Perform [Selection (one or more): unit; integration; system; regression] testing/evaluation [Assignment: organization-defined frequency] at [Assignment: organization-defined depth and coverage]; c. Produce evidence of the execution of the assessment…

NIST-CSF_RS.MI-1

NIST-CSF Mitigation (RS.MI) RS.MI-1: Incidents are contained

NIST 800-53_SA-5(4)

NIST 800-53 System and Services Acquisitions SA-5(4) System Documentation | Low-level Design [Withdrawn: Incorporated into SA-4(2).]

NIST 800-53_CA-7

NIST 800-53 Assessment, Authorization and Monitoring CA-7 Continuous Monitoring Develop a system-level continuous monitoring strategy and implement continuous monitoring in accordance with the organization-level continuous monitoring strategy that includes: a. Establishing the following system-level metrics to be monitored: [Assignment: organization-defined system-level metrics]; b. Establishing [Assignment: organization-defined frequencies] for monitoring and [Assignment: organization-defined frequencies] for assessment of control effectiveness; c. Ongoing control assessments in accordance with the continuous monitoring strategy; d. Ongoing monitoring of system and organization-defined…

CIS Framework Controls V8_4.4

CIS Framework Controls V8 Secure Configuration of Enterprise Assets and Software 4.4 Implement and Manage a Firewall on Servers Implement and manage a firewall on servers where supported. Example implementations include a virtual firewall, operating system firewall, or a third-party firewall agent.

NIST 800-53_PE-19

NIST 800-53 Physical and Environmental Protection PE-19 Information Leakage Protect the system from information leakage due to electromagnetic signals emanations.

NERC CIP-002 through CIP-014 Revision 6_CIP-007-6 4.2

NERC CIP-002 through CIP-014 Revision 6 Security Event Monitoring CIP-007-6 4.2 4.2 Generate alerts for security events that the Responsible Entity determines necessitate an alert, including, as a minimum, each of the following types of events (per Cyber Asset or BES Cyber System capability): 4.2.1. Detected malicious code from Part 4.1; and 4.2.2. Detected failure of Part 4.1 event logging. M4. Evidence must include each of the documented processes that collectively include…

NIST 800-53_AC-20(4)

NIST 800-53 Access Control AC-20(4) Use of External Systems | Network Accessible Storage Devices – Prohibited Use Prohibit the use of [Assignment: organization-defined network accessible storage devices] in external systems.