This article may be too technical for most readers to understand. Please help improve it to make it understandable to non-experts, isa 99 standard pdf removing the technical details. The talk page may contain suggestions.
This environment includes users themselves, networks, devices, all software, processes, information in storage or transit, applications, services, and systems that can be connected directly or indirectly to networks. The principal objective is to reduce the risks, including prevention or mitigation of cyber-attacks. These published materials consist of collections of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies.
Cybersecurity standards have existed over several decades as users and providers have collaborated in many domestic and international forums to effect the necessary capabilities, policies, and practices – generally emerging from work at the Stanford Consortium for Research on Information Security and Policy in the 1990s. NIST Cybersecurity Framework as the most popular best practice for computer security, but many note that it requires significant investment.