Friday, July 26, 2013

The Critical Security Controls

Which information security controls are the highest priorities for your organization? The Critical Security Controls (CSCs), also known as the Consensus Audit Guidelines (CAG), are currently at version 4.1. Dozens of organizations shared in refining the controls, and the result is a list of those that produce the greatest results in the shortest time.

Every organization should undertake a risk assessment and prioritize the 20 CSCs according to its needs, and start implementing them immediately. Starting with the CSC will quickly result in significant measurable gains in information security, increasing any organization's resilience and viability in the midst of constantly changing threats.