Hi,
Thank you for the work of the contributors. I like the inclusion of the threat model in the guide.
I just had a question about how to drive the spreadsheet in terms of the filters for the Impact of confidentiality, integrity and availability.
If I have Low Confidentiality but High Integrity and Availability, do I set all filters to High, or should I look at the selected controls for each of the impacts and build a consolidated list, i.e. all the controls for Low confidentiality + High Integrity + High Availability?
Regards,
------------------------------
Nic Bishop
Security Domain Architect
SA Power Networks
------------------------------
Original Message:
Sent: Nov 13, 2019 05:49:42 PM
From: Alex Kaluza
Subject: IoT Security Controls Framework and Guide Published
Thank you everyone for your contributions to the IoT Security Controls Framework and the companion guide. The document was published at CSA Summit 2019/RSA Conference 2019 on Tuesday, March 5th. I have attached two direct links for the working group to see the final documents.
Again thanks for all your hard work!
------------------------------
Posted by Hillary Baron on Mar 11
------------------------------