The Council on CyberSecurity has announced the formation of an expert Panel to lead the evolution and update of the Critical Security Controls (CSC).
The Panel will gather and consider input from across the entire community of Critical Security Controls users, partners, adopters, solutions providers, etc., and then produce the next version of the Controls. In addition, the Panel will advise the Council on CyberSecurity about strategy and direction for the Controls.
“Our current version was released in March of 2013, and we would like to complete any revisions by about the same time in 2014, preferably in time for RSA 2014,” said Tony Sager, Director of Programs for the Council on CyberSecurity
“The Controls have held up very well, growing rapidly in adoption, but there are a few areas that could use some technical and threat-based updating, and we would like to give thought to the structure of the document in order to better support adopters, as well as better alignment with other Partners (like the Australian DSD 35, and the NSA Top 10),” Sager continued.
The Council on CyberSecurity is an independent, expert, not-for-profit organization with a global scope committed to the security of an open Internet, and is the new “home” for the 20 CSC, which were formerly governed by SANS.
The Panelists will be chosen for their expertise and experience in one or more of the many dimensions of cybersecurity – threat, vulnerability, technology, defensive operations, IT management, solutions development – providing the diversity of input that makes the 20 CSC so widely adopted.
“The Critical Security Controls are effective and growing because of the community of people and enterprises that has built up around them, helping and supporting each other,” Sager said.
If you would like to be considered for a spot on the review panel, submit a resume or other statement of your credentials (no more than one page) to Tony Sager at t.sager(at)counciloncybersecurity(dot)org no later than October 23rd, 2013.