Reducing Risk Through Prevention: Implementing SANS Critical Security Controls 1–4

The trend line for cybersecurity crimes continues to increase, with no signs of a meaningful decrease on the horizon. Is there anything an organization can do to stop these attacks from occurring and protect their critical information systems from intruders? Business leaders need to understand the risks that face their organization if they are to effectively mitigate them.

In this SANS Analyst Program whitepaper, we will discuss 1) the actual threats facing organizations today in a realistic and measured way, 2) the methods dedicated attackers use to compromise systems using the “intrusion kill chain” as a model, and 3) consider specific defenses, as outlined by the first four Critical Security Controls (CSCs), which organizations can implement to keep future attacks from succeeding.