FCW | The Business of Federal Technology
The Business of Federal Technology
Open Menu
  • People
  • IT Modernization
  • Digital Government
  • Security
  • Acquisition
  • Workforce
  • Events
  • Resources
    • Webcasts/Whitepapers
    • Reprints
    • List Rental
    • Advertise
    • Contact

Whitepapers

SANS Analyst Program: Implementing the Critical Security Controls

Since the SANS Institute hosted the first version of the Critical Security Controls (CSC) in 2008, the controls have been upgraded four times to meet demands of an evolving threat and vulnerability landscape. During that time, the Department of Homeland Security essentially made the CSCs a de facto standard to be followed by its branches. Canadian and other international authorities are also using these controls as guidelines to support their own cybersecurity policies, and so, too, are private-sector organizations with the most to lose, such as those in the infrastructure and financial fields.

Over time, the guidance in the CSCs has evolved to add detailed information on metrics for measuring effectiveness, implementation, automation and control test procedures, as well as “quick wins” suggestions. Through this guidance, organizations can begin to implement the controls in a way that illuminates their areas of vulnerability and ultimately improves their risk ratings, while making their networks more resilient to attacks.

Access Now

Sponsored by Tripwire


FCW | The Business of Federal Technology
  • About Us
  • Contact Us
  • Advertise
  • Subscribe
  • Digital Edition
  • Newsletter
  • Reprints
  • List Rental
  • © 1105 Media, Inc.
  • View our Privacy Policy and Terms of Service | CA: Do Not Sell My Personal Info
  • 1105 Media