20 Critical Security Controls for Effective Cyber Defense

Posted on August 6, 2014 by Dena Rissman • 0 Comments

The Critical Controls for Effective Cyber Defense are a recommended set of best practices for cyber defense that provide specific and actionable ways to stop today’s most pervasive attacks. They were developed by a consortium of hundreds of security experts from across the public and private sectors. The Controls are derived from the most common attack patterns and serve as a very strong basis for high-value action.

The Controls prioritize and focus on actionable controls with high-payoff, aiming for a “must do first” philosophy.

1. Inventory of authorized and unauthorized devices
2. Inventory of authorized and unauthorized software
3. Security configurations for hardware and software
4. Continuous vulnerability assessment and remediation
5. Malware defenses
6. Application software security
7. Wireless access control
8. Data recovery capability
9. Security skills assessment and appropriate training
10. Secure configurations for network devices such as firewalls, routers and switches
11. Limitation and control of network ports, protocols and services
12. Controlled use of administrative privileges
13. Boundary defense
14. Maintenance, monitoring and analysis of audit logs
15. Controlled access based on need-to-know
16. Account monitoring and control
17. Data protection
18. Incident response management
19. Secure network engineering
20. Penetration tests and red team exercises

Share on FacebookPlus on Google+

SUBSCRIBE MORE CONTENTS