Fourteen Competency Areas
• Datasecurity
– Techniques that ensure electronic data
• Digitalforensics
– Evidence collection after an adverse event
• Enterprisecontinuity
– Ensure continuing function of enterprise after an adverse event
• Incidentmanagement
– Techniques for responding to incidents as they occur
Cybersecurity: The Essential Body of Knowledge 7
• • •
Fourteen Competency Areas (cont’d.)
IT security training and awareness
– Techniques focused on training organization’s staff
IT systems operations and maintenance
– Ensure continuous secure functioning of enterprise
Network security and telecommunications
– Ensure continuous secure functioning of information communications
Cybersecurity: The Essential Body of Knowledge 8
Fourteen Competency Areas (cont’d.)
• Personnelsecurity
– Ensure employee’s secure practices
• Physical and environmental security
– Ensure secure physical practice within secure space
• Procurement
– Ensure purchased goods and services are secure
• Regulatoryandstandardscompliance
– Ensuring that enterprise does not violate security law
Cybersecurity: The Essential Body of Knowledge 9
Fourteen Competency Areas (cont’d.)
• Risk management
– Ongoing assessment and assurance of identified risk
• Strategicsecuritymanagement
– Methods that ensure organization maintains secure infrastructure
• Systemandapplicationsecurity
– Ensure secure operating environment of machines and applications