The cybersecurity field can often feel quite overwhelming, filled with technical jargon and complexity. However, the International Information System Security Certification Consortium (ISC)² developed a framework that arranges cybersecurity into eight domains. These domains are defined by the Certified Information Systems Security Professional (CISSP) Common Body of Knowledge (CBK).
That was a mouthful but don’t despair. In this guide, we’ll introduce these cybersecurity domains. Let’s begin.
What are the 8 cybersecurity domains?
The CISSP CBK framework categorizes cybersecurity into eight distinct domains, each addressing an important aspect of digital security. Let’s unpack each of these domains.
1. Security and risk management
The security and risk management domain is a foundational domain that covers the security principles which provide guidance for all security initiatives. This includes governance, compliance, disaster recovery, and ethical requirements. The primary focus is to evaluate and mitigate risks and thereby ensure the effective prioritization of threats.
2. Asset security
The asset security domain focuses on the protection of both physical and digital assets or, in simple terms, hardware and data. Asset security is important because it protects sensitive information through data classification, data handling, and data storage. These methods ensure the prevention of unauthorized access or loss of assets.
3. Security architecture and engineering
This domain focuses on cybersecurity as a built-in feature rather than something to add on later. It creates a blueprint for building secure systems, such as firewalls or intrusion detection systems, to prevent attackers from exploiting vulnerabilities.
4. Communication and network security
The communication and network security domain looks at how to protect data that travels between devices. This includes secure protocols such as HTTPS, VPNs, and encryption. This domain aims to ensure that data in transit is adequately protected, and the risk of possible interception is minimized.
5. Identity and access management (IAM)
The IAM domain focuses on the access and permission requirements for a system using the principle of least privilege, and secure authentication methods like passwords and multifactor authentication (MFA). If access is controlled to specific systems, then the risk is reduced for insider threats and unauthorized access.
6. Security assessment and testing
This domain looks at the importance of penetration testing and vulnerability management to ensure that the security defenses remain effective. Security defenses are important because it identifies any vulnerabilities that need to be fixed to reduce the risk of being attacked.
7. Security operations
The security operations domain focuses on continuous monitoring and incident response. This 24/7 approach ensures that threats are detected and remediated effectively and well before they have the opportunity to cause significant harm.
8. Software development security
This domain emphasizes the importance of secure coding practices. It promotes the inclusion of security in the software design process. When the security is embedded into the software from the beginning, the vulnerabilities and risks are minimized which significantly reduces the cost to fix it at a later stage.
Why are these domains important?
These cybersecurity domains were developed over decades of industry evolution and collaboration to form the framework. The domains provide a structure to assist cybersecurity professionals with how to prepare for the challenges they may face.
If you understand these domains, you will enhance your own personal security and gain valuable insights into the wonderful and exciting world of cybersecurity. Be secure!
