BS ISO/IEC 27032:2012 Information technology — Security techniques — Guidelines for cybersecurity

BS ISO/IEC 27032:2012

Information technology. Security techniques. Guidelines for cybersecurity

Status : Current, Work in hand   Published : July 2012



Cyberspace is a complex environment consisting of interactions between people, software and services. Supported by the worldwide distribution of information and communication technology devices and networks, it presents endless advantages to the user. However the online environment may not always be safe.

That’s why we’ve published BS ISO/IEC 27032:2012 Information technology — Security techniques — Guidelines for cybersecurity which seeks to address security gaps arising from a lack of communication between the different users and providers of cyberspace.

It tackles any risks not covered by current Internet, network and information and communication technology security.

This International Standard provides guidance for improving the state of Cybersecurity, drawing out the unique aspects of that activity and its dependencies on other security domains. In particular it focuses on information security, network security, internet security and critical information infrastructure protection (CIIP).

BS ISO/IEC 27032:2012 provides readers with:

— General overview of cybersecurity
— Explanation of the relationship between cybersecurity and other types of security
— Definition of stakeholders and a description of their roles in cybersecurity
— Guidance for addressing common cybersecurity issues, and
— Framework to enable stakeholders to collaborate on resolving cybersecurity issues.

This International Standard is applicable to providers of services in the Cyberspace. The audience, however, includes the consumers that use these services. Where organizations provide services in the Cyberspace to people for use at home or other organizations, they may need to prepare guidance based on this International Standard that contains additional explanations or examples sufficient to allow the reader to understand and act on it.


1 Scope
2 Applicability
3 Normative references
4 Terms and definitions
5 Abbreviated terms
6 Overview
7 Stakeholders in the Cyberspace
8 Assets in the Cyberspace
9 Threats against the security of the Cyberspace
10 Roles of stakeholders in Cybersecurity
11 Guidelines for stakeholders
12 Cybersecurity controls
13 Framework of information sharing and coordination

Standard NumberBS ISO/IEC 27032:2012
TitleInformation technology. Security techniques. Guidelines for cybersecurity
StatusCurrent, Work in hand
Publication Date31 July 2012
Confirm Date09 July 2018
Normative References(Required to achieve compliance to this standard)ISO/IEC 27000
Informative References(Provided for Information)ISO/IEC 27034, ISO/IEC 27001, ISO/IEC 20000-1, ISO/IEC 12207:2008, ISO/IEC 27033, ISO/IEC 27031, ITU-T X.1200-X.1299, IETF RFC 3882, ITU-T X.1500-X.1598, ISO/IEC 27010, ISO Guide 73:2009, ISO/IEC 27035, ISO/IEC 29147, ISO/IEC 27005, ISO/IEC TR 19791, ISO/IEC 27002, ISO/IEC 15408-1, ISO/IEC 19770-1:2017, ISO/IEC 27003:2017, ISO 31000:2018
International RelationshipsISO/IEC 27032:2012
Draft Superseded By11/30168516 DC
DescriptorsData processing, Safety, Safety devices, Information transfer, Security, Internet
Title in FrenchTechnologies de l’information. Techniques de sécurité. Lignes directrices pour la cybersécurité
ISBN978 0 580 59489 2
File Size1.757 MB

 Your basket
Your basket is empty

Multi-user access to over 3,500 medical device standards, regulations, expert commentaries and other documents

Tracked Changes

Understand the changes made to a standard with our new Tracked Changes version

Worldwide Standards
We can source any standard from anywhere in the world


Access, view and download standards with multiple user access, across multiple sites with BSOL

Customers who bought this product also bought

  • PAS 555:2013
    Cyber security risk. Governance and management. Specification
  • BS ISO/IEC 27031:2011
    Information technology. Security techniques. Guidelines for information and communication technology readiness for business continuity
  • BS ISO/IEC 27036-2:2014
    Information technology. Security techniques. Information security for supplier relationships Requirements
  • BS ISO/IEC 27005:2011
    Information technology. Security techniques. Information security risk management