This Recommendation provides a definition for cybersecurity. The Recommendation provides a taxonomy of security threats from an operator point of view. Cybersecurity vulnerabilities and threats are presented and discussed at various network layers.
Various cybersecurity technologies that are available to counter threats include: routers, firewalls, antivirus protection, intrusion detection systems, intrusion protection systems, secure computing, audit and monitoring. Network protection principles such as defense in depth, access and identity management with application to cybersecurity are discussed. Risk management strategies and techniques are discussed including the value of training and education in protecting the network. A discussion of cybersecurity standards, cybersecurity implementation issues and certification are presented.