Cybersecurity Key Artifact Terms
CM - Configuration Management (CM) is a process that involves adjusting the default settings of your business Information System (IS) in order to increase security and mitigate business risk. CM identifies misconfigurations of a system's default settings. It is much more than described here, but we can discuss it further later. Generally speaking, there are four steps to good CM planning.
- Create a CM Baseline Plan.
- Don't let the baseline become obsolete.
- Audit continuously.
- Test, test, and test.
This includes a business baseline configuration that serves as the basis for future builds or changes to business systems, along with information system component inventories and a Security Impact Analysis (SIA) control.
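As an added illustration of the "baseline plus continuous auditing" steps above (example code, not part of the original page), the script below compares a small, constructed SSH hardening baseline against a sample live configuration and reports every drift: a setting changed from the baseline, a setting missing from the live system, and a setting present on the system that the baseline never approved. The baseline values and the config text are assumptions made for the example.

```python
"""Configuration-baseline drift check (added example, not from the page).

Assumes the baseline is a mapping of setting -> required value and that the
live configuration is available as 'Key value' text, in the sshd_config-like
format used by the constructed sample below."""
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass(frozen=True)
class Drift:
    setting: str
    expected: Optional[str]  # None: the baseline does not define this setting
    actual: Optional[str]    # None: the setting is absent from the live config


def parse_config(text: str) -> Dict[str, str]:
    """Parse 'Key value' lines; blank lines and '#' comments are ignored."""
    settings: Dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        key, _, value = line.partition(" ")
        settings[key] = value.strip()  # last occurrence wins, as sshd does not
    return settings


def check_baseline(baseline: Dict[str, str], live: Dict[str, str]) -> List[Drift]:
    """Return every deviation between the approved baseline and the live state."""
    drifts = []
    for key, expected in baseline.items():
        actual = live.get(key)
        if actual is None or actual.lower() != expected.lower():
            drifts.append(Drift(key, expected, actual))
    for key in live.keys() - baseline.keys():  # unapproved additions count too
        drifts.append(Drift(key, None, live[key]))
    return sorted(drifts, key=lambda d: d.setting)


# Constructed baseline: what the CM plan says an SSH daemon must look like.
SSH_BASELINE = {"PermitRootLogin": "no", "PasswordAuthentication": "no",
                "X11Forwarding": "no", "MaxAuthTries": "4"}

# Constructed sample of a live config that has drifted since the last audit.
SAMPLE_LIVE_CONFIG = """\
PermitRootLogin yes   # changed during troubleshooting, never reverted
PasswordAuthentication no
MaxAuthTries 4
AllowAgentForwarding yes
"""


def audit(baseline: Dict[str, str], config_text: str) -> List[Drift]:
    return check_baseline(baseline, parse_config(config_text))
```

Running `audit(SSH_BASELINE, SAMPLE_LIVE_CONFIG)` flags three drifts: `PermitRootLogin` changed to `yes`, `X11Forwarding` missing, and `AllowAgentForwarding` present without baseline approval; an empty result means the system still matches its baseline.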
AC - An Access Control (AC) Plan is the blueprint for access to your business system(s). It takes into account your business's unique security requirements and lays out a comprehensive strategy for addressing them: who accesses what, and when, controlled not only at the data level but in layers of least privilege. This includes who has access to which assets, and reporting capabilities such as account management, system privileges, and remote access logging, used to determine when users can access the system and at what level of access.
DRP - A Disaster Recovery Plan (DRP) is usually a written plan for recovering one or more Information System(s) at an alternate facility (if the ROI justifies one) in response to a major hardware (HW) or software (SW) failure or the destruction of facilities (the business location). It can define what a disaster is. It is a plan that is maintained for disaster response, backup operations, and post-disaster recovery to ensure the availability of critical resources and to facilitate the continuity of operations in an emergency. This documentation is a predetermined set of instructions or procedures that describe how business processes will be sustained during and after a significant disruption.
IRP - An Incident Response Plan (IRP) is the documentation of a predetermined set of instructions or procedures to detect, respond to, and limit the consequences of malicious cyber-attacks against business information system(s).
AU - Audit (AU). The AU comprises security controls related to your business audit capabilities. This includes audit policies and procedures, audit logging, audit report generation, and protection of audit information.
PE - Physical and Environmental Protection (PE). PE is implemented to protect your business systems, buildings, and supporting infrastructure against physical threats. PE includes physical access authorizations, monitoring, visitor records, emergency shutoff, power, lighting, fire protection, and water damage protection.
RA - Risk Assessment (RA). RA relates to your business risk assessment policies and vulnerability scanning capabilities: tools such as ACAS or other scanners for vulnerabilities and threats, and the patch management system you use to keep your systems current.