Critical Security Controls for Effective Cyber Defense

Share it with your friends Like

Thanks! Share it with your friends!


BSides Detroit 13 June 7-8, 2013

Abstract: Evolving threats. Shrinking budgets. More to do. New compliance rules. Where do I start? How do I pick what's most important? What are my peers doing? How do I get management support? Is security even achievable?The Center for International and Strategic Studies (CSIS) Critical Security Controls for Effective Cyber Defense can help you sort through the chaos and be your roadmap to success, whether you are a small shop, a large organization on its way to ISO 27000, or beholden to NIST 800-53. This consensus driven distillation of critical controls, driven by actual, not theoretical threats, draws from the experiences of not only some of the top commercial forensic investigators but many arms of government including the DoD, FBI, NSA, the Department of State, the Department of Energy Nuclear Laboratories, and more.These controls were formerly known as the SANS 20 Critical Security Controls.

Speaker: Ken Evans


wanxiaoming says:

Good job! 20 CSCs save the world.

Gene K says:

Great job! I like NIST but having the CSC is a plus for integrators and people looking for the right ingredients to a perfect cake.

James Siegel says:

Took a couple copies of the poster, Plan on definitely looking at these controls. Thanks for the info Ken. This is a must watch video for those who think the NIST docs are too hard to understand. These controls look much better designed.

Write a comment