Which family of standards should Craig be familiar with while implementing ISO standards for cybersecurity?

The family of standards that Craig should be familiar with while implementing ISO standards for cybersecurity is ISO 27000. This series consists of a set of standards that specifically address information security management systems (ISMS) and are critical for organizations looking to manage the security of their information effectively.

ISO 27001 establishes the requirements for setting up, implementing, maintaining, and continually improving an information security management system. It provides a framework for risk management and security controls, making it essential for organizations aiming to enhance their cybersecurity posture.

ISO 27002 offers guidelines for organizational information security standards and the management of information security risks, providing best practices for implementing security controls identified in ISO 27001.

In contrast, while the other families of standards may pertain to various sectors and issues (such as quality management or business continuity), they do not specifically focus on the framework and principles of cybersecurity that ISO 27000 addresses. This makes the ISO 27000 series the most pertinent for anyone looking to implement ISO standards in the realm of cybersecurity.