Cybersecurity frameworks are sets of guidelines for managing and reducing security risks. Examples of frameworks include the B.C. Defensible Security Framework and the NIST Cybersecurity Framework. Organizations use frameworks to ensure that they have the tools they need to defend themselves against cyberattacks.
CyberBC provides its clients with templates, examples, and self-assessment tools they need to align to the B.C. Defensible Security Framework, as well as expert advice and coaching on how to prevent, detect, and respond to cyberattacks.
Defensible Security
Defensible Security is a collection of control groups you can use to help support your security program. Defensible Security helps organizations know what they need to be doing at a minimum to achieve a security posture that is defensible.
Assessment Tool (Excel)
Provides a quick and easy way for organizations to assess their security posture and view changes over time. It can also be used for executive reporting.
CIS Critical Security Controls (cisecurity.org)
The Center for Internet Security's Critical Security Controls (CIS Controls) are a prescriptive, prioritized, and simplified set of best practices that you can use to strengthen your cybersecurity posture.
ISO/IEC 27000 family (iso.org)
ISO/IEC 27001 is the world’s best-known standard for information security management systems (ISMS) and their requirements. Additional best practice in data protection and cyber resilience are covered by more than a dozen standards in the ISO/IEC 27000 family.
NIST Cybersecurity (nist.gov)
NIST develops cybersecurity standards, guidelines, best practices, and other resources to meet the needs of U.S. industry, federal agencies and the broader public. Our activities range from producing specific information that organizations can put into practice immediately to longer-term research that anticipates advances in technologies and future challenges.
CyberBC offers Complementary Resources in addition to the Self-Serve resources above.