Assessment of an organization's enterprise cyber security strategy, program and defined controls. The review checks whether the strategy and program align with leading-practice standards and frameworks, such as ISO/IEC 27001 from the International Organization for Standardization (ISO), the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF), and similarly recognized controls guidance. The control areas assessed, listed below, largely mirror the NIST SP 800-53 control families.
- Security Documentation. Controls to ensure the organization has a documented security program and written implementation directives (policies, standards and procedures) for critical operations and activities.
- Risk Assessment. Defines requirements for integrating cyber security risk into enterprise risk management, and for confirming that the risk each critical security control is meant to mitigate is actually reduced.
- Planning. Controls to ensure that program-level security requirements (system security plans, rules of behavior and the like) are identified and addressed before systems are built or changed.
- Personnel Security. Requirements for standard security protocols covering the screening, hiring, transfer, management and termination of personnel.
- Configuration Management. Controls to support the detection and prevention of unauthorized changes to company systems and assets.
- Access Control. Controls to verify that a robust access management program exists, that access to cyber, physical and information assets is effectively controlled, and that the risks of unauthorized access are mitigated.
- Identification & Authentication. Defines requirements for identifying and authenticating users, systems and devices before granting access, to prevent unauthorized access to and use of company assets.
- Physical & Environmental Protection. Controls to ensure physical protection measures for critical organizational systems and assets.
- Security Assessment & Authorization. Defines how controls are assessed for effectiveness, how systems are authorized to operate based on those results, and how the security posture is validated on an ongoing basis.
- System & Services Acquisition. Controls to ensure security is built into the acquisition of systems and vendor services, including mergers and business integration activities.
- System & Communication Protection. Processes and controls to mitigate risks associated with data in transit, machine-to-machine and remote communication, and similar system, application and data risks.
- System & Information Integrity. Requirements for controls that protect critical company data and information from unauthorized access and improper modification, and that detect and correct integrity failures in systems and data.
- Contingency Planning. Controls to support risk-based processes for business continuity and emergency response, including periodic drills that verify the organization can restore critical systems and operations after a major impact event.
- Incident Response. Defines organizational requirements for identifying, responding to, containing and recovering from cyber incidents.
- Media Protection. Controls to ensure protocols are in place for securely storing, transporting and disposing of media.
- Maintenance. Defines requirements for controlled maintenance of company assets, including end-of-support and end-of-life handling.
- Awareness & Training. Controls to drive the design and delivery of role-based security and vulnerability awareness training, so that individuals and the enterprise as a whole understand and execute the other security controls.
- Program Management. Minimum program-level controls critical for good cyber hygiene.
- Audit and Accountability. Defines requirements for independent quality assurance and audit across the security program, and for controls that hold the organization accountable for executing it.
