you're reading...
Incident Response

Critical Security Controls for Cyber Defence

I have been working recently with the Centre for the Protection of National Infrastructure’s (CPNI) 20 Critical Security Controls for Cyber Defence.

The following text is taken from the CPNI website here: http://www.cpni.gov.uk/advice/cyber/Critical-controls/

The 20 controls (and sub-controls) focus on various technical measures and activities, with the primary goal of helping organisations prioritise their efforts to defend against the current most common and damaging computer and network attacks. Outside of the technical realm, a comprehensive security program should also take into account many other areas of security, including overall policy, organisational structure, personnel issues and physical security. To help maintain focus, the 20 controls do not deal with these important but non-technical aspects of information security.

The 20 controls and supporting advice are dynamic in order that they recognise changing technology and methods of attack.




No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: