Governance & Regulation | Tryhackme Walkthrough

Rahul Kumar
19 min read · Jun 12, 2024

Explore policies and frameworks vital for regulating cyber security in an organisation.

Introduction

Cyber security is a rapidly evolving landscape in which malicious actors relentlessly try to exploit vulnerabilities in highly sensitive systems, often with the intent of causing severe damage and disruption and stealing sensitive corporate data. To combat this evolving threat, a comprehensive approach to information security governance and regulation is necessary. Such an approach requires establishing robust policies and guidelines and implementing rigorous monitoring and enforcement mechanisms to ensure compliance. By adopting a proactive and strategic stance towards cyber security, organisations can mitigate the risks posed by malicious actors and safeguard their sensitive systems against potentially catastrophic breaches.

Learning Objectives

  • Understand the role and importance of governance and regulation in cyber security
  • Gain an understanding of relevant international laws, regulations, policies, standards & guidelines
  • Understand the Governance, Risk Management & Compliance (GRC) framework
  • Develop and raise your own cyber security posture in line with international standards, including ISO 27001, NIST 800-53, and many more

Prerequisite

A basic understanding of the following two rooms is suggested but not mandatory:

We are all set to start if you have already gone through the above rooms.

Why is it important?

Important Terminologies

  • Governance: Managing and directing an organisation or system to achieve its objectives and ensure compliance with laws, regulations, and standards.
  • Regulation: A rule or law enforced by a governing body to ensure compliance and protect against harm.
  • Compliance: The state of adhering to laws, regulations, and standards that apply to an organisation or system.

Information Security Governance

Information security governance represents an organisation’s established structure, policies, methods, and guidelines designed to guarantee the privacy, reliability, and

Written by Rahul Kumar

Cybersecurity Enthusiast!! | COMPTIA SEC+ | CCSK | CEH | MTA S&N | Cybersecurity Analyst | Web Application Security
