Understanding the top 20 Critical Security Controls
by Mirko Zorz - Monday, 10 March 2014.
In this podcast recorded at RSA Conference 2014, Wolfgang Kandek, CTO at Qualys, talks about the 20 Critical Security Controls, which outline a practical approach to implementing security technologies by providing proven guidelines for protecting IT environments.

The 20 Critical Controls for Effective Cyber Defense (the Controls) are a recommended set of actions for cyber defense that provide specific and actionable ways to stop today’s most pervasive attacks. They were developed and are maintained by a consortium of hundreds of security experts from across the public and private sectors. An underlying theme of the Controls is support for large-scale, standards-based security automation for the management of cyber defenses.

The actions defined by the Controls are demonstrably a subset of the comprehensive catalog defined by NIST SP 800-53. The Controls do not attempt to replace the National Institute of Standards and Technoloy comprehensive Risk Management Framework. The Controls instead prioritize and focus on a smaller number of actionable controls with high-payoff, aiming for a “must do first” philosophy. Since the Controls were derived from the most common attack patterns and were vetted across a very broad community of government and industry, with very strong consensus on the resulting set of controls, they serve as the basis for immediate high-value action.

Press the play button below to listen to the podcast:



Qualys has collaborated with the SANS Institute and the Council on CyberSecurity to release a new free tool to help organizations implement the Top 4 Critical Security Controls to fend off attacks.

Spotlight

Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Thu, Feb 4th
    COPYRIGHT 1998-2016 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //