Cyber Security Management System Explained

A Cyber Security Management System is a form of Information security management system, particularly focussed on protecting automation and transport systems.[1] The EU Cybersecurity Act, of 2019, led to the creation of UNECE working groups which developed the Cyber Security Management Systems (CSMS) concept (and also an approach for securing over-the-air updates of vehicle systems), which were formalised in UN Regulation 155.[2]

Context

Security technologies, and threats, can evolve much more quickly than regulatory bodies; so the CSMS emphasises a system of technologies and processes which can adapt more quickly, without relying on a narrowly-defined list of technical controls in a standard.[3] Consequently, the CSMS is intended to be technology-neutral, much like ISO 27001, unlike detailed technical security standards such as PCI DSS.

See also

Further reading

Notes and References

  1. https://www.msg-plaut.com/cybersecurity/cyber-security-management-systems-csms
  2. https://unece.org/sustainable-development/press/un-regulations-cybersecurity-and-software-updates-pave-way-mass-roll
  3. https://plaxidityx.com/blog/standards-and-compliance/unece-recommendation-on-software-update-processes/

This article is licensed under the GNU Free Documentation License. It uses material from the Wikipedia article "Cyber Security Management System".

Except where otherwise indicated, Everything.Explained.Today is © Copyright 2009-2025, A B Cryer, All Rights Reserved. Cookie policy.