scope:

This Recommendation develops a definition of cybersecurity in clause 7. This Recommendation provides a taxonomy of security threats from an organization point of view.

NOTE - The use of the term "identity" in this Recommendation does not indicate its absolute meaning. In particular, it does not constitute any positive validation.

Clause 7 discusses the nature of enterprise cybersecurity environment, cybersecurity risks and endto- end communications security. Clause 8 discusses possible network protection strategies, including: closed loop policy management, uniform access management. Clause 8 also discusses secure communications techniques, variable depth security, securing the management plane, layered security and network survivability even under attack.

Appendix I discusses taxonomy of security threats, hackers tools of the trade and security threats.

Appendix II provides a review of the fields of cybersecurity technologies, including: cryptograph, access control technologies, perimeter protection techniques, antivirus and system integrity, audit and monitoring, and management.

Appendix III provides examples of network security. Examples include: securing remote access, securing IP telephony, securing VoIP clients, securing the remote office and securing WLANs.