In a time of limited resources, security programs are also experiencing pressure to do more with less. The 20 Critical Security Controls (20 CSC) provides the baseline for implementing the required technical controls that are required to ensure a robust network security posture.
In this video, Tony Sager – Director of Programs for the Council on Cyber Security – discusses how the 20 CSC are crucial to overcoming budget constraints by helping to determine which steps need to be taken first to secure networks and the sensitive data they contain.
The Chertoff Group’s co-founder and Chairman Michael Chertoff echoes Sager’s sentiments by pointing out that the 20 CSC provide visibility into threats against your network to allow for targeted investments in the security program that will have the most impact and align with the organization’s mission.
Prescott Winter, Managing Director of the Chertoff Group adds to the discussion by showing how the 20 CSC plays a key role in Risk Management decision making strategies by identifying systems that are critical to quality business-impact assessments.
Mark Weatherford, Principal at the Chertoff Group rounds out the discussion by noting that the 20 CSC provide the basis for prioritizing security efforts and allowing for security teams to be flexible and creative.
Finally, Tripwire’s Keren Cummins explains how the 20 CSC can be used to automate many processes that are typically labor intensive and tend to drain security budgets.
To help organizations better understand where to get started, Tripwire has compiled an e-book, titled The Executive’s Guide to the Top 20 Critical Security Controls: Key Takeaways and Improvement Opportunities, which is available for download [registration form required].
This publication is designed to assist executives by providing guidance for implementing broad baseline technical controls that are required to ensure a robust network security posture.
The author, a security and compliance architect, examined each of the Controls and has distilled key takeaways and areas of improvement. At the end of each section in the e-book, you’ll find a link to the fully annotated complete text of the Control.
Download your free copy of The Executive’s Guide to the Top 20 Critical Security Controls: Key Takeaways and Improvement Opportunities today.
- Aligning Security Metrics with Business Initiatives
- The Purpose of Continuous Diagnostics and Mitigation
- Communicating Security Risk to Better Enable the Business
- Is Risk Management an Art or a Science?
P.S. Have you met John Powers, supernatural CISO?
Title image courtesy of ShutterStock