From the course: CISSP Cert Prep (2021): 2 Asset Security


Customizing security standards


- [Instructor] The security standards offered by industry experts are an excellent starting point for an organization's own security standards, but they're rarely ready to use out of the box. And they often require customization to meet the organization's own security requirements. Organizations commonly start with these baselines and then add, remove, and modify controls to develop their own security standards. The purpose of these customization efforts is to scope and tailor the standard to meet the organization's specific needs. For example, an industry standard might suggest using full-disk encryption to protect stored data on an endpoint, and suggest the use of AES encryption with a 128-, 192-, or 256-bit key. The organization might have a compliance requirement that mandates the use of 256-bit keys. In this case, the organization might modify the standard to require the use of a 256-bit key, removing the options for…
