November 30, 2017 By: Richard D. Condello NRECA Senior Director

Presentation transcript:

Implementing the Center for Internet Security (CIS) Critical Security Controls (CSC)

How To Eat a Herd of Elephants Without Being Trampled to Death

Purpose
- To familiarize you with the 20 Critical Security Controls
- Give you the benefit of our experience to date
- Get a discussion going here this morning
- To help you decide your path forward

Everything needs context
- It matters where you are at the moment
- What controls you need
- What controls you have
- What is the effectiveness of your existing controls
- How much work can you take on

Speaker notes: A little bit about me. Aim for font size 28. Background and start the (successful) story: Simple, Unexpected, Concrete, Credible, Emotion (tap into a), Story. Context in which I work, etc. Who are you? Are there any lawyers present? Who has started or has implemented a framework/controls? If anyone can't respect the need for confidentiality as I will be disclosing some elements of the NRECA Information Security Program.

A Little About Me

Why we are believers
- Implementing the CSCs is working for us
- We saw measurable results in about 15 months
- Penetration testers were not able to escalate privileges
- Forensics evaluation found no anomalous behaviors
- Survived an external program assessment
- Passed Internal Audit
- Passed External Financial Controls Audit

Attack Lifecycle Model http://intelreport.mandiant.com/

Information Assurance Frameworks
- Many industry groups trying to address the issues
- Numerous frameworks have been established:
  - NIST 800-53
  - NIST Core Framework
  - ISO 27000 Series
  - CoBIT
  - IT Assurance Framework (ITAF)
  - IT Baseline Protection Manual
  - Consensus Audit Guidelines / Critical Security Controls
  - Many, many others

Select a starting point
- Your context matters
- Do you have existing frameworks?
- Do you at least have a Program Framework in mind?
- We picked ISO 27001 / 27002 / 2005 standards
- Pick something that is right sized
- Suggest one programmatic and one technical

Enter the CIS Critical Security Controls For Effective Cyber Defense
- A realistic solution
- Defines specific defenses against known cyber attacks
- Created and maintained by a volunteer army
- Provides actionable tasks in clear language

History and Document Contributors

US Contributors Include:
- Department of Homeland Security (DHS)
- National Security Agency (NSA)
- Department of Energy (DoE) Laboratories
- Department of State (DoS)
- US-CERT and other incident response teams
- DoD Cyber Crime Center (DC3)
- The Federal Reserve
- The SANS Institute
- Civilian penetration testers
- Numerous other Federal CIOs and CISOs
- Hundreds of other private sector researchers

International Contributors Include:
- UK Government Communications Headquarters (GCHQ)
- UK Centre for the Protection of National Infrastructure (CPNI)
- Australian Defence Signals Directorate (DSD)
- Japanese Security Researchers
- Scandinavian Security Researchers
- GCC Security Researchers
- Turkish Security Researchers
- Canadian Security Researchers
- Many other international researchers

Guiding principles
- Offense Informs Defense
- Prioritization
- Metrics
- Continuous Diagnostics & Mitigation
- Automation

By the Numbers
- 20 Critical High Level Controls
- 148 sub-controls: 125 Foundational, 23 Advanced
- 9 System, 5 Network and 6 Application controls
- 96 Measures, metrics and thresholds
- 30 Effectiveness tests
- 4 Governance items and 15 Governance topics
- 23 Attack Types

The Controls
1. Inventory of Authorized and Unauthorized Devices
2. Inventory of Authorized and Unauthorized Software
3. Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations and Servers
4. Continuous Vulnerability Assessment and Remediation
5. Controlled Use of Administrative Privileges
6. Maintenance, Monitoring and Analysis of Audit Logs
7. Email and Web Browser Protections
8. Malware Defenses
9. Limitation and Control of Network Ports
10. Data Recovery Capability
11. Secure Configurations for Network Devices such as Firewalls, Routers, and Switches
12. Boundary Defense
13. Data Protection
14. Controlled Access Based on the Need to Know
15. Wireless Access Control
16. Account Monitoring and Control
17. Security Skills Assessment and Appropriate Training To Fill Gaps
18. Application Software Security
19. Incident Response and Management
20. Penetration Tests and Red Team Exercises

CSC short names (legend for the roadmap diagrams that follow)
- CSC 1: Hardware Inventory and NAC
- CSC 2: Software Inventory and Whitelisting
- CSC 3: Host Secure Configurations
- CSC 4: Vulnerability Management
- CSC 5: Administrative Privileges
- CSC 6: Audit Logs
- CSC 7: Email and Web Browser
- CSC 8: Malware Defense
- CSC 9: Network Ports, Protocols, Services
- CSC 10: Data Recovery
- CSC 11: Network Secure Configurations
- CSC 12: Boundary Defense
- CSC 13: Data Protection
- CSC 14: Controlled Access
- CSC 15: Wireless
- CSC 16: Account Control
- CSC 17: Training
- CSC 18: Application Security
- CSC 19: Incident Management
- CSC 20: Penetration Tests and Exercises

Measures, Metrics and Thresholds
- Each Measure has lower, moderate and higher risk thresholds
- Time based: an hour, a day and a week
- Percentage based: 1%, 4% and 10%
- Quantitative: how many; you set your own thresholds except for CSC 20
- This is where automation hits the road

Example Measures
- How long does it take to deploy operating system patches? (CSC 4 Vulnerability Management)
- What percentage of elevated accounts do not require two-factor authentication? (CSC 5 Admin Access)
- How many attempts to gain access to password files have been detected recently? (CSC 16 Controlled Access)
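The three example measures above, computed from constructed data and rated against the slide's thresholds, as an added Python example (not from the NRECA deck or the CIS documents). Assumptions: a measure "meets" a threshold when its value is at or below it (smaller is always better here); patch deployment time is judged by the slowest host; password-file attempts are counted from audit lines mentioning a denied open of /etc/shadow; and the quantitative thresholds (0, 2, 5) are ones you would set yourself, as the slide says.

```python
"""Rate CIS CSC measures against lower/moderate/higher risk thresholds.

Added example, not the deck's own tooling. Threshold values follow the
slide (an hour, a day, a week; 1%, 4%, 10%); everything else, including
the sample data, is constructed for illustration.
"""
from datetime import datetime, timedelta
from typing import Dict, List, Sequence, Tuple

HOUR, DAY, WEEK = timedelta(hours=1), timedelta(days=1), timedelta(weeks=1)
PERCENT_THRESHOLDS = (1.0, 4.0, 10.0)   # from the slide: 1%, 4% and 10%


def rate(value, thresholds, labels=("lower", "moderate", "higher")) -> str:
    """Return the most stringent risk threshold the value still meets.
    Assumption: a measure meets a threshold when value <= threshold."""
    for limit, label in zip(thresholds, labels):
        if value <= limit:
            return label
    return "out of tolerance"


def rate_time(elapsed: timedelta) -> str:
    return rate(elapsed, (HOUR, DAY, WEEK))


def rate_percent(pct: float) -> str:
    return rate(pct, PERCENT_THRESHOLDS)


def rate_count(n: int, thresholds: Sequence[int]) -> str:
    """Quantitative measures: the slide says you set your own thresholds."""
    return rate(n, thresholds)


# CSC 4: how long does it take to deploy OS patches? The slowest host governs.
def patch_deploy_time(releases: Sequence[Tuple[datetime, datetime]]) -> timedelta:
    return max(deployed - released for released, deployed in releases)


# CSC 5: what percentage of elevated accounts do not require two-factor auth?
def pct_admins_without_mfa(accounts: Sequence[Dict]) -> float:
    missing = sum(1 for a in accounts if not a["mfa"])
    return 100.0 * missing / len(accounts)


# CSC 16: how many attempts to read the password file were detected?
def password_file_attempts(audit_lines: Sequence[str]) -> int:
    return sum(1 for line in audit_lines if "/etc/shadow" in line and "denied" in line)


def evaluate(patches, accounts, audit_lines, attempt_thresholds=(0, 2, 5)) -> Dict:
    """Compute each measure and attach its risk rating."""
    t = patch_deploy_time(patches)
    p = pct_admins_without_mfa(accounts)
    n = password_file_attempts(audit_lines)
    return {
        "csc4_patch_deploy_time": (t, rate_time(t)),
        "csc5_pct_admins_without_mfa": (p, rate_percent(p)),
        "csc16_password_file_attempts": (n, rate_count(n, attempt_thresholds)),
    }


# Constructed sample data (not real NRECA figures)
T0 = datetime(2017, 11, 1, 0, 0)
SAMPLE_PATCHES = [(T0, T0 + timedelta(minutes=30)),
                  (T0, T0 + timedelta(hours=20)),
                  (T0, T0 + timedelta(days=3))]
SAMPLE_ACCOUNTS: List[Dict] = [{"name": f"admin{i:02d}", "mfa": i != 7} for i in range(25)]
SAMPLE_AUDIT = [
    "Nov 30 08:01:12 host1 audit: open /etc/shadow by uid=1003 denied",
    "Nov 30 08:01:13 host1 audit: open /etc/passwd by uid=1003 ok",
    "Nov 30 09:14:02 host2 audit: open /etc/shadow by uid=1010 denied",
    "Nov 30 11:40:55 host3 audit: open /etc/shadow by uid=0 ok",
    "Nov 30 12:00:00 host3 audit: open /etc/shadow by uid=1010 denied",
]

if __name__ == "__main__":
    for name, (value, risk) in evaluate(SAMPLE_PATCHES, SAMPLE_ACCOUNTS, SAMPLE_AUDIT).items():
        print(f"{name}: {value} -> {risk}")
```

With the constructed data the slowest patch took three days (within the one-week "higher" threshold), one of 25 admin accounts lacks MFA (4%, the "moderate" threshold), and three denied reads of the password file land at the self-set "higher" threshold; the same rating function serves all three measure types.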

Effectiveness Testing
- 30 tests to run, some are quite complex
- Adding items to your environment and seeing what your responses are
- Just think like the bad guys x 10
- Periodic: need to decide what frequency to run the tests
- Need to design your systems so they can be tested

Example Testing
- Connect hardened systems to the network and verify that the system generates an alert (CSC 1 Hardware Inventory and NAC)
- Attempt to gain access to a cross section of devices using default administrator passwords (CSC 5 Admin Access)
- Perform authorized phishing attempts (CSC 7 Email and Browser Protections)
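The first test above, the CSC 1 check that a newly connected system generates an alert, written out as an added Python example (not from the deck). It assumes a hardware inventory keyed by MAC address and a simplified ISC-DHCP-style lease log line of the form "DHCPACK on <ip> to <mac> (<hostname>) via <interface>"; the inventory, the log lines and the test device's MAC are all constructed.

```python
"""CSC 1 effectiveness test (hardware inventory and NAC): connect a test
system and confirm that an alert names it. Added example, not from the
NRECA deck; the inventory, the simplified DHCP log format and every log
line below are constructed for this illustration."""
import re
from typing import Dict, List

# Constructed authorized hardware inventory, keyed by lower-case MAC address
INVENTORY: Dict[str, str] = {
    "00:11:22:33:44:55": "ws-finance-01",
    "00:11:22:33:44:66": "srv-ad-01",
}

# Only acknowledged leases count: a device that merely sent DISCOVER never got on.
DHCPACK = re.compile(
    r"DHCPACK on (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) to "
    r"(?P<mac>(?:[0-9a-fA-F]{2}:){5}[0-9a-fA-F]{2})"
    r"(?: \((?P<host>[^)]*)\))? via (?P<iface>\S+)"
)


def parse_leases(lines: List[str]) -> List[dict]:
    """Extract every acknowledged lease; other DHCP chatter is ignored."""
    leases = []
    for line in lines:
        m = DHCPACK.search(line)
        if m:
            d = m.groupdict()
            d["mac"] = d["mac"].lower()      # normalise so inventory lookups match
            d["host"] = d["host"] or ""      # hostname option is not always present
            d["time"] = line[:15]            # syslog timestamp prefix
            leases.append(d)
    return leases


def unauthorized_devices(lines: List[str], inventory: Dict[str, str]) -> List[dict]:
    """One alert per MAC that obtained an address but is not in the inventory."""
    seen = set()
    alerts = []
    for lease in parse_leases(lines):
        if lease["mac"] in inventory or lease["mac"] in seen:
            continue
        seen.add(lease["mac"])
        alerts.append(lease)
    return alerts


def effectiveness_test(lines: List[str], inventory: Dict[str, str], test_mac: str) -> bool:
    """The CSC 1 test: after the test system connected, did an alert name it?"""
    return any(a["mac"] == test_mac.lower() for a in unauthorized_devices(lines, inventory))


# Constructed log: one known workstation, the hardened test system (CSC 1
# test device), and a second unknown device that renews its lease once.
SAMPLE_LOG = [
    "Nov 30 09:00:01 dhcp1 dhcpd: DHCPDISCOVER from de:ad:be:ef:00:01 via eth0",
    "Nov 30 09:00:02 dhcp1 dhcpd: DHCPACK on 10.0.5.23 to 00:11:22:33:44:55 (ws-finance-01) via eth0",
    "Nov 30 09:00:03 dhcp1 dhcpd: DHCPACK on 10.0.5.77 to DE:AD:BE:EF:00:01 (hardened-test-01) via eth0",
    "Nov 30 09:02:10 dhcp1 dhcpd: DHCPACK on 10.0.5.78 to 02:42:ac:11:00:02 via eth0",
    "Nov 30 09:12:10 dhcp1 dhcpd: DHCPACK on 10.0.5.78 to 02:42:ac:11:00:02 via eth0",
]

if __name__ == "__main__":
    for a in unauthorized_devices(SAMPLE_LOG, INVENTORY):
        print(f"ALERT {a['time']} unknown device {a['mac']} host='{a['host']}' "
              f"ip={a['ip']} via {a['iface']}")
    print("CSC 1 test passed:", effectiveness_test(SAMPLE_LOG, INVENTORY, "de:ad:be:ef:00:01"))
```

The test passes only if the alert pipeline actually sees the lease log and the inventory is current: a stale inventory produces false alerts for legitimate hosts, while a test device that was pre-registered "to make the test pass" proves nothing, which is why the slide says systems must be designed so they can be tested.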

Attack Types
- 23 attack types
- Useful for risk assessments
- Can cross-reference to top level controls (v5)
- Can be used to mitigate Incident Scenarios
- We identified 9 Incident Scenarios

Example Attack Types
- Attackers distribute hostile content on Internet-accessible websites that exploit unpatched and improperly secured client software running on
- Attackers exploit users and system administrators via social engineering scams that work because of a lack of security skills and awareness
- Attackers exploit weak application software, particularly web applications, through attack vectors such as SQL injection, cross-site scripting, and similar tools

Example Incident Scenarios
- Attackers exploit inbound email to introduce malware into the environment
- Attackers exploit our websites to either introduce malware or to extract data directly
- Insiders surfing the internet resulting in malware being introduced into the environment

Tying Things Together
- Attack Type: Attackers exploit users and system administrators via social engineering scams that work because of a lack of security skills and awareness
- Incident Scenario: Attackers exploit inbound email to introduce malware into the environment
- Applicable Controls:
  - 05 Controlled Use of Administrative Privileges
  - 07 Email and Web Browser Protections
  - 16 Account Monitoring and Control
  - 17 Security Skills Assessment and Appropriate Training to Fill Gaps

Other Component Parts
- Governance Controls: defines 15 categories of governance controls
- Appendices:
  - Evolving An Attack Model
  - NIST Framework
  - National Hygiene Campaign
  - Privacy Impact Assessment

Select an approach
- Essential that you are thoughtful and organized
- A huge task to undertake
- If you aren't careful you can actually make things worse
- Going to need a lot of support and resources
- Have some idea of time frame and length of time
- Project vs. operational focus

Start with an Assessment
- Broke the 149 sub-controls into device and area specific sub-controls (350 total)
- Surveyed by team
- Overall effectiveness vs. the actual words
- Aggregated results, worked out differences between teams
- Risk ranked based on the security value
- Validate against effectiveness measures

What We Discovered
- Tangible benefits from initial assessment
- Identified:
  - Any really serious gaps
  - Low hanging fruit
  - Anything close to completion
- Absolutely need high-level prioritization
- Absolutely need project management
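The assessment aggregation described in the two slides above (survey per team, reconcile differences between teams, rank by security value, surface serious gaps and anything close to completion), as an added Python example. It is not the NRECA team's tool: the 0-5 effectiveness scale, the gap formula (security value weighted by how far effectiveness falls short), the classification cut-offs and the survey data are all assumptions constructed for this illustration.

```python
"""Aggregate a sub-control effectiveness survey across teams and rank the gaps.
Added example, not the NRECA team's own spreadsheet. Scale, formula and
cut-offs are assumptions; the survey data is constructed."""
from typing import Dict, List, Tuple

SCALE_MAX = 5  # assumed scale: 0 = not in place, 5 = fully effective

# Constructed survey: each device/area-specific sub-control carries a
# security value (1-5) and one effectiveness score per surveyed team.
SURVEY: Dict[str, dict] = {
    "CSC 1.1 (servers)":      {"security_value": 5, "scores": {"infra": 4, "security": 2, "apps": 4}},
    "CSC 1.1 (workstations)": {"security_value": 5, "scores": {"infra": 1, "security": 1, "apps": 2}},
    "CSC 4.2 (servers)":      {"security_value": 4, "scores": {"infra": 5, "security": 4, "apps": 5}},
    "CSC 10.1 (servers)":     {"security_value": 3, "scores": {"infra": 3, "security": 3, "apps": 3}},
}


def aggregate(survey: Dict[str, dict]) -> List[dict]:
    """Mean effectiveness, team disagreement and a value-weighted gap, ranked."""
    rows = []
    for name, entry in survey.items():
        scores = list(entry["scores"].values())
        mean = sum(scores) / len(scores)
        spread = max(scores) - min(scores)        # disagreement between teams
        # Gap weighted by security value: high-value controls with low
        # effectiveness rise to the top of the work list.
        gap = entry["security_value"] * (SCALE_MAX - mean) / SCALE_MAX
        rows.append({"name": name, "security_value": entry["security_value"],
                     "mean": round(mean, 2), "spread": spread, "gap": round(gap, 2)})
    rows.sort(key=lambda r: r["gap"], reverse=True)
    return rows


def classify(row: dict) -> List[str]:
    """Tag a row the way the slide's findings are named (cut-offs assumed)."""
    tags = []
    if row["security_value"] >= 4 and row["mean"] < 2:
        tags.append("serious gap")
    if row["mean"] >= 4:
        tags.append("close to completion")
    if row["spread"] >= 2:
        # Teams read the control's words differently: reconcile before ranking.
        tags.append("teams disagree: reconcile before ranking")
    return tags


def ranked_work_list(survey: Dict[str, dict]) -> List[Tuple[str, float, List[str]]]:
    return [(r["name"], r["gap"], classify(r)) for r in aggregate(survey)]


if __name__ == "__main__":
    for name, gap, tags in ranked_work_list(SURVEY):
        print(f"{gap:5.2f}  {name:24s}  {', '.join(tags)}")
```

The disagreement flag matters as much as the ranking: when one team scores a sub-control 2 and another scores it 4, the difference is usually about what the control's words mean for that device class ("overall effectiveness vs. the actual words"), and ranking it before that is settled puts the wrong item on the project list.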

(CSC 1-20 roadmap diagram; highlighted step:) Quick wins based upon risk assessment

Created a Formal Project
- Cross-functional teams
- Qualified Project Manager
- Let the teams self-identify the work within the work
- Made it a real priority
- Obtained the tools and training that the teams needed

Implementation sequence (one CSC 1-20 roadmap diagram per step; only the step captions survive):
1. Get training and awareness program going
2. Drive to Vulnerability Management
3. Drive to Vulnerability Management and include Network Secure Configurations
4. Tackle Incident Management, Audit Logs and Data Recovery
5. In many cases Incident Management may include Penetration Exercises
6. Complete controls over Accounts and Data
7. May want to attack App Sec, Email and Browsers at the same time
8. Consider all of the network related controls together

Putting it all Together

(CSC 1-20 roadmap diagrams; step captions:)
1. Quick wins based upon risk assessment
2. Start with training
3. Drive to Vulnerability Management
4. Add in Incident Response
5. Complete controls over Accounts and Data
6. Complete App Sec, Email and Browsers
7. Ensure Network Controls are completed

An "On Ramp" to Compliance
- Use the CSC Compliance model if it's useful
- Mappings currently exist between the CSCs and:
  - NIST 800-53 rev4
  - NIST Cyber Security Framework
  - ISO 27002 Control Catalog
  - HIPAA / HITECH Act

Actionable Next Steps
- Get a charter from senior executives
- Create governance structures
- Document policies
- Implement the controls defined by policies
- Measure/audit the controls that are defined by the policies
- Communicate, communicate, communicate

In Summary
- Implementing these controls will mitigate risks
- But it's easy to get overwhelmed
- Do at least a high-level risk assessment
- Prioritize actions
- Get the quick wins
- Settle in for the long haul
- Know that there is a lot of help available

Q & A

Resources for further study:
- The Critical Security Controls Courses: SEC 440 / 566
- The Critical Security Controls Project
- AuditScripts.com Resources
- Mandiant APT1 Report (with Appendixes)
- The Security Content Automation Protocol (SCAP) by NIST
- NIST 800 Series Special Publications
- DHS Cyber Security Tool CSET

Basic Structure (CSC 1-20 diagram, built up over four slides, grouping the controls by layer):
- System
- Network
- Application

Governance (what you should do) (CSC 1-20 diagram, built up over five slides):
- Identify Info Assets
- Know Your Vulnerabilities
- Identify Key Threats
- Control Access

(CSC 1-20 roadmap diagram:) All the 20 controls are in progress if not finished