活動
起 2026-01-03 迄 2026-01-12
2026-01-12
- 14:14 資安改善 #1353 (New-新增): CY-OT502
- "OT - BCP
Is there a BCP/DRP documentation and processes in place that include industrial cybersecurity aspects?
Ha... - 14:14 資安改善 #1352 (New-新增): CY-OT501
- "OT - Backup & Restore
Is there a documented and implemented backup management procedure that takes into account the... - 14:14 資安改善 #1351 (New-新增): CY-OT402
- "OT - Incident & Crisis Management
Is there an incident management plan, including reporting of incident to local CI... - 14:14 資安改善 #1350 (New-新增): CY-OT401
- "OT - Detection - Logging & Monitoring
Are event logs with relevant security information (source, date, user and tim... - 14:13 資安改善 #1349 (New-新增): CY-OT302
- "OT - Remote Access
Do you have a secure remote access process?" - 14:13 資安改善 #1348 (New-新增): CY-OT301
- "OT - Third-party management
Are security requirements included and checked in tenders and contract with suppliers ... - 14:13 資安改善 #1347 (New-新增): CY-OT210
- "OT - Obsolescence Management
Are obsolete assets formally tracked within the asset inventory? Is there an obsolesce... - 14:13 資安改善 #1346 (New-新增): CY-OT209
- "Vulnerability and patch management
Is there a patch management process defined, documented and applied at plant le... - 14:13 資安改善 #1345 (New-新增): CY-OT208
- "OT - Network security
Does the network architecture of the industrial site respect the standard established by the ... - 14:12 資安改善 #1344 (New-新增): CY-OT207
- "OT - System hardening
Is there an asset configuration hardening in place (workstations, servers, network equipments... - 14:12 資安改善 #1343 (New-新增): CY-OT206
- "OT - USB protection
Are USB keys sanitized before being connected to industrial workstations to avoid the introduct... - 14:12 資安改善 #1342 (New-新增): CY-OT205
- "OT - Antivirus/EDR
Is there an Antivirus/EDR deployed on the workstations and servers?" - 14:12 資安改善 #1341 (New-新增): CY-OT203
- "OT - Identity and access management
Is there a documented and enforced process for access control, account manageme... - 14:11 資安改善 #1340 (New-新增): CY-OT202
- "OT - Security by design
Is OT cybersecurity taken into account from end to end in projects with the involvement of ... - 14:11 資安改善 #1339 (New-新增): CY-OT201
- "OT - Awareness & Training
Is there a dedicated industrial cybersecurity training in place for the OT cybersecurity ... - 14:11 資安改善 #1338 (New-新增): CY-OT105
- "OT - Audit & Control
Are there periodic audits and/or self-assessments based on the Fix the Basics including the su... - 14:11 資安改善 #1337 (New-新增): CY-OT104
- "OT - Sites/contracts inventory
Are all contracts and plants listed with an identification of their criticality perf... - 14:10 資安改善 #1336 (New-新增): CY-OT103
- "OT - Asset inventory
Are all plant assets tracked in an asset inventory and kept up to date under the responsibilit... - 14:10 資安改善 #1335 (New-新增): CY-OT102
- "OT - Risk Management
Has a risk analysis been conducted, validated by the business, and a budget allocated to deplo... - 14:10 資安改善 #1334 (New-新增): CY-OT101
- "OT - Roles and Responsabilities
Entity level: Has a formal OT cybersecurity organization been defined and implement... - 14:10 資安改善 #1333 (New-新增): CY-IT502
- "IT - Business continuity
Does the business continuity plan (BCP) include a plan to manage cyber events?
Is an IT b... - 14:09 資安改善 #1332 (New-新增): CY-IT501
- "IT - Backup and Restore
Is there a documented and implemented backup management procedure that takes into account f... - 14:09 資安改善 #1331 (New-新增): CY-IT402
- "IT - Crisis management
Do you apply the group alert and crisis management procedure adapted to your scope?
Is this... - 14:09 資安改善 #1330 (New-新增): CY-IT401
- "IT - Incident management
Do you apply the group standard for managing cybersecurity alerts and incidents? Do you ha... - 14:09 資安改善 #1329 (New-新增): CY-IT304
- "IT - Centralization of logs and detection rules
Are the event logs essential to investigation and detection collect... - 14:09 資安改善 #1328 (New-新增): CY-IT303
- "IT - Audits and intrusion tests
Do you regularly (at least every 3 years) carry out intrusion tests (application pe... - 14:08 資安改善 #1327 (New-新增): CY-IT302
- "IT - Vulnerability detection
Do you carry out vulnerability scans regularly and apply the associated patches as par... - 14:08 資安改善 #1326 (New-新增): CY-IT301
- "IT - Deployment of detection tools and services
Is a Security Operation Center (SOC) in place? Is an Endpoint Detec... - 14:08 資安改善 #1325 (New-新增): CY-IT216
- "IT - Network Architecture
Does your network architecture follow security best practices?
Are there interconnection... - 14:08 資安改善 #1324 (New-新增): CY-IT215
- "IT - Data encryption
An encryption policy for data at rest and in transit is defined and applied?" - 14:07 資安改善 #1323 (New-新增): CY-IT214
- "IT - Data classification and protection
Do you apply the requirements of the Key 19 procedure?
Do you have a regul... - 14:07 資安改善 #1322 (New-新增): CY-IT213
- "IT - Mobile devices
Is a mobile device security policy in place (for smartphone, tablet) ?" - 14:07 資安改善 #1321 (New-新增): CY-IT211
- "IT - Server hardening
Are you implementing server and application hardening (including mobile applications)?" - 14:07 資安改善 #1320 (New-新增): CY-IT210
- "IT - Awareness and training
Do you have a cybersecurity awareness and training program and do you carry out cyberse... - 14:06 資安改善 #1319 (New-新增): CY-IT209
- "IT - Security by design
Is cybersecurity integrated from the design stage (security by design) and at each key sta... - 14:06 資安改善 #1318 (New-新增): CY-IT208
- "IT - Protection of exposed assets
Do you have an action plan in place to reinforce security and surveillance on ser... - 14:06 資安改善 #1317 (New-新增): CY-IT207
- "IT - Network Architecture Document
Do you have a network architecture document indicating the segmentations of you... - 14:06 資安改善 #1316 (New-新增): CY-IT206
- "IT - Network - Internet Access Point
Do you have an Internet Access Point (IAP) inventory? Have you implemented a ... - 14:05 資安改善 #1315 (New-新增): CY-IT204
- "IT - Active Directory / LDAP Authentication Directory
Do you use an Active Directory (AD) or LDAP authentication di... - 14:05 資安改善 #1314 (New-新增): CY-IT203
- "IT - SSO
Is authentication of services exposed on the Internet done using SSO with the Google account, and only wit... - 14:05 資安改善 #1313 (New-新增): CY-IT202
- "IT - Account and password management
Do you have a process for managing user accounts and privileged accounts, and ... - 14:05 資安改善 #1312 (New-新增): CY-IT201
- "IT - Secure management of the information system
Do you apply a patch management process to manage the obsolescence... - 14:04 資安改善 #1311 (New-新增): CY-IT107
- "IT - Inventory of critical business process assets
Are business processes (finance, HR, IT, industrial, etc.) and t... - 14:04 資安改善 #1310 (New-新增): CY-IT106
- "IT - Third party management
Is cybersecurity integrated into the management of business and technical third parties... - 14:04 資安改善 #1309 (New-新增): CY-IT105
- "IT - Security dashboard
Do you maintain an up-to-date dashboard, including cybersecurity KPIs from the roadmap, to ... - 14:04 資安改善 #1308 (New-新增): CY-IT104
- "IT - Risk management
Is cybersecurity risk mapping carried out transversally for the entity? Are risk analyzes carr... - 14:03 資安改善 #1307 (New-新增): CY-IT103
- "IT - Asset inventory
Do you have a regularly updated list of all physical assets (servers, workstations, smartphone... - 14:03 資安改善 #1306 (New-新增): CY-IT102
- "IT - Roadmap and dedicated cybersecurity budget
Do you have a cybersecurity roadmap and an associated annual budget... - 14:03 資安改善 #1305 (New-新增): CY-IT101
- "IT - Cybersecurity governance
Do you have an appropriate cybersecurity organization within your entity? " - 14:00 資安改善 #1304 (New-新增): OT-CAP改善計畫
- CY-OT101 "OT - Roles and Responsabilities
Entity level: Has a formal OT cybersecurity organization been defined and ... - 13:59 資安改善 #1303 (New-新增): IT-CAP改善計畫
- CY-IT101 "IT - Cybersecurity governance
Do you have an appropriate cybersecurity organization within your entity? "
...
匯出至 Atom