A Survey of Major Cybersecurity Compliance Frameworks (Conference)

Wang, W, Sadjadi, SM, Rishe, N. (2024). A Survey of Major Cybersecurity Compliance Frameworks. 23-34. 10.1109/BigDataSecurity62737.2024.00013

cited authors

  • Wang, W; Sadjadi, SM; Rishe, N

abstract

  • Motivated by the challenge of navigating the complex landscape of cybersecurity compliance, this study critically examines and evaluates seven major cybersecurity frameworks: SOC 2, GDPR, PCI DSS, HIPAA, CIS Controls V8, NIST CSF, and CMMC 2.0. Our research focuses on understanding their distinct features and operational nuances, addressing a significant gap in current compliance strategies. We contribute a novel set of risk management-based evaluation criteria, offering a comprehensive analysis of these frameworks. The study further explores the Secure Controls Framework (SCF) and its effective integration with these frameworks, summarizing a unified mapping approach. This mapping facilitates streamlined compliance across multiple standards, providing a strategic tool for organizations. Our findings offer pivotal insights into the efficacy of each framework in managing cybersecurity risks, underlining the necessity for an integrated, risk-focused approach to compliance in the digital era.

publication date

  • January 1, 2024

start page

  • 23

end page

  • 34