Litcius/Paper detail

A Survey of Major Cybersecurity Compliance Frameworks

Wenjia Wang, S. Masoud Sadjadi, Naphtali Rishe

202413 citationsDOI

Abstract

Motivated by the challenge of navigating the complex landscape of cybersecurity compliance, this study critically examines and evaluates seven major cybersecurity frameworks: SOC 2, GDPR, PCI DSS, HIPAA, CIS Controls V8, NIST CSF, and CMMC 2.0. Our research focuses on understanding their distinct features and operational nuances, addressing a significant gap in current compliance strategies. We contribute a novel set of risk management-based evaluation criteria, offering a comprehensive analysis of these frameworks. The study further explores the Secure Controls Framework (SCF) and its effective integration with these frameworks, summarizing a unified mapping approach. This mapping facilitates streamlined compliance across multiple standards, providing a strategic tool for organizations. Our findings offer pivotal insights into the efficacy of each framework in managing cybersecurity risks, underlining the necessity for an integrated, risk-focused approach to compliance in the digital era.

Topics & Concepts

Compliance (psychology)Computer securityComputer scienceInternet privacyPsychologySocial psychologyInformation and Cyber SecurityCybersecurity and Cyber Warfare Studies
A Survey of Major Cybersecurity Compliance Frameworks | Litcius