Understanding the top 20 Critical Security Controls
by Mirko Zorz - Monday, 10 March 2014.
In this podcast recorded at RSA Conference 2014, Wolfgang Kandek, CTO at Qualys, talks about the 20 Critical Security Controls, which outline a practical approach to implementing security technologies by providing proven guidelines for protecting IT environments.

The 20 Critical Controls for Effective Cyber Defense (the Controls) are a recommended set of actions for cyber defense that provide specific and actionable ways to stop today’s most pervasive attacks. They were developed and are maintained by a consortium of hundreds of security experts from across the public and private sectors. An underlying theme of the Controls is support for large-scale, standards-based security automation for the management of cyber defenses.

The actions defined by the Controls are demonstrably a subset of the comprehensive catalog defined by NIST SP 800-53. The Controls do not attempt to replace the National Institute of Standards and Technology's comprehensive Risk Management Framework. Instead, the Controls prioritize and focus on a smaller number of actionable controls with high payoff, aiming for a “must do first” philosophy. Since the Controls were derived from the most common attack patterns and were vetted across a very broad community of government and industry, with very strong consensus on the resulting set of controls, they serve as the basis for immediate high-value action.

Qualys has collaborated with the SANS Institute and the Council on CyberSecurity to release a new free tool to help organizations implement the Top 4 Critical Security Controls to fend off attacks.

Copyright 1998-2014 by Help Net Security.