The risk-based approach to identifying cybersecurity requirements
Nowadays, cybersecurity comes to the forefront when designing information systems. When designing a website, CRM, ERP and other information systems, it is necessary to consider the requirements for security.
System analysts, due to the technical complexity of this topic, may face problems in identifying and specifying such requirements. How does a systems analyst identify requirements for cybersecurity? Where to begin? What can be used in work?
In this talk, I will propose an approach to identifying and specifying requirements based on the results of a Cybersecurity risk analysis. Using an end-to-end example, I will describe an approach for identifying and specifying Cybersecurity requirements and share techniques and resources to help you get started.
The talk will be helpful for beginners as well as analysts of small projects without a dedicated, separate information security role.