Methodologies, Requirements, and Challenges of Cybersecurity Frameworks: A Review

Abstract

     As a result of the emergence of new business paradigms and the development of the digital economy, the interaction between operations, services, things, and software across numerous fields and communities may now be processed through value chain networks. Despite the integration of all data networks, computing models, and distributed software that provides a broader cloud computing solution, the security solution is missing or inadequate, and more work is required to strengthen security requirements such as mutual entity trustworthiness, access controls, identity management, and data protection, all aspects of detecting and preventing attacks or threats. In order to combat cybersecurity threats, various international organizations, academic universities, institutions, and organizations have been working hard to establish cybersecurity frameworks (CSFs). This paper describes CSFs from the perspectives of standard organizations such as ISO CSF and NIST CSF, as well as several proposed frameworks from researchers, and briefly discusses their characteristics and features. The common ideas described in this study could be helpful for creating a CSF model in general.