Abstract
Cybersecurity standards worldwide are extensive and span several types, such as glossaries, guidelines, methods, and objectives (e.g., Information Technology evaluation, requirement identification, risk management, and technical specifications). This chaotic range of standards, set against the rapid pace of technological and threat evolution, hinders stakeholders (e.g., security architects/developers, policymakers, testers, and auditors) from discovering which standards best meet their security needs. The paper analyzes this challenge and contributes to harmonizing standards by identifying relationships between the EU regulation and prominent cybersecurity standards. The current work develops a taxonomy that classifies cybersecurity standards according to their objective, usage, and sector, aiming to help stakeholders understand the purpose of each standard and decide which ones they should adopt to cover their organizational needs. The taxonomy is represented in a semantic ontology, following the Web Ontology Language Edition 2 knowledge engineering approach. A realistic scenario is described to illustrate the applicability of the taxonomy.