Abstract

When it comes to cybersecurity, organizations use different frameworks, best practices, and standards. These governance documents are most often chosen in accordance with corporate governance requirements or legislative requirements. Controls, cyber breach history and finances are typically prescribed in governance documents, including technical controls, administrative controls, and physical controls. There are also a number of documents that describe specific capabilities that businesses must develop to secure their cyberspace. Everything that needs cyber protection, from threats such as SQL injection attacks to cloud computing, load balancing and the Internet of Things, together with the framework that GRC provides for it, needs to be included in the GRC framework, along with the business benefit of GRC to the organisation. The results in this paper therefore concern understanding and evaluating IT GRC implementation to reduce mismanagement and risk and ensure adherence in organizations. This can only be achieved by mitigating outside risks such as cyber and network attacks by means of application security, Internet of Things security, network security, infrastructure security and limiting access to sensitive information, which shows the interrelation of GRC with cyber security.

Article Details

How to Cite
I. Thapa Chhetri, “Cyber security and GRC”, Ausjournal, vol. 1, no. 1, pp. 31-43, May 2022.
