Analysis of Cybersecurity Standard and Framework Components

Satisfactory cybersecurity protection, encompassing all data security solutions, can only be achieved by adopting a cybersecurity framework that provides a structure and methodology for protecting critical digital assets. In addition, security experts recommend using cybersecurity standards which consist of a collection of best practices to protect organizations from cyber threats. However, many organizations, companies and governments lack experienced personnel in the cybersecurity domain, so they have difficulty adopting a standard approach or cybersecurity framework. Protecting organizations from cyber threats while demonstrating compliance with laws and standards is seen as extremely complex due to the difficulty on choosing the appropriate standard to be used. Moreover, lack of knowledge on the elements needed that offered by the standard is lead to the problem on identifying the started point where the protection will be began.  Therefore, in this paper, a literature and the analysis is presented in identifying the elements of cybersecurity standard and framework that can be facilitate the organization or government on choosing the appropriate standard and framework to be used and utilized. The literature review was carried out to understand the various types of cybersecurity standards and frameworks and the analysis is conducted to identify the elements in each of them. In this paper, eight steps are presented and include the types of international standards, which are general, local regulation, as well as specific standards used in the industrial sector, to conclude the findings of the analysis. Furthermore, a relation map is presented using Writing a Literature Review release 2.0 approach to show the relationship between the literature review and future research.