The IT Law Wiki

Critical Controls

Overview

The goal of the Critical Controls is to protect critical assets, infrastructure, and information by strengthening your organization's defensive posture through continuous, automated protection and monitoring of your sensitive information technology infrastructure to reduce compromises, minimize the need for recovery efforts, and lower associated costs.

The Critical Controls encompass and amplify efforts over the last decade to develop security standards, including the Security Content Automation Protocol (SCAP) sponsored by the National Institute of Standards and Technology (NIST) and the Associated Manageable Network Plan Milestones and Network Security Tasks developed by the National Security Agency (NSA).

In particular, NSA's work allowed for prioritizing the controls based on whether they address operational conditions being actively targeted and exploited, combat a large number of attacks, block attacks early in the compromise cycle, and deal with an expected high impact of successful exploitation. The Controls focus on automation to provide cost efficiency, measurable results, scalability, and reliability.

The five critical tenets of an effective cyber defense system as reflected in the Critical Controls are:

Source
