Hi, the Center for Strategic and International Studies published an updated version of the Twenty Critical Controls for Effective Cyber Defense,
These controls reflect the consensus of many of the nation's top cyber defenders and attackers on which specific controls must be implemented first to mitigate known cyber threats. One of the most valuable uses of this report is to help organizations deploying the Twenty Critical Security Controls to be certain that no critical new attacks have been found that would force substantial changes in the Twenty Controls and at the same time to help people who are implementing the Twenty Critical Security Controls to focus their attention on the elements of the controls that need to be completed most immediately. The Key Elements of these attacks and associated Controls: User applications have vulnerabilities that can be exploited remotely, Controls 2 (Inventory of Software), 3 (Secure Configurations), and 10 (Vulnerability Assessment and Remediation) can ensure that vulnerable software is accounted for, identified for defensive planning, and remediated in a timely manner. Control 5 (Boundary Defenses) can provide some prevention/detection capability when attacks are launched. There is an increasing number of zero-days in these types of applications, Control 12 (Malware Defenses) is the most effective at mitigating many of these attacks because it can ensure that malware entering the network is effectively contained. Controls 2, 3, and 10 have minimal impact on zero-day exploits and Control 5 can provide some prevention/detection capabilities against zero-days as well as known exploits. Successful exploitation grants the attacker the same privileges on the network as the user and/or host that is compromised, Control 5 (Boundary Defenses) can ensure that compromised host systems (portable and static) can be contained. Controls 8 (Controlled Use of Administrative Privileges) and 9 (Controlled Access) limit what access the attacker has inside the enterprise once they have successfully exploited a user application. The attacker is masquerading as a legitimate user but is often performing actions that are not typical for that user. Controls 6 (Audit Logs) and 11 (Account Monitoring and Control) can help identify potentially malicious or suspicious behavior and Control 18 (Incident Response Capability) can assist in both detection and recovery from a compromise More information go through this link: http://csis.org/files/publication/Twenty_Critical_Controls_for_Effective_Cyber_Defense_CAG.pdf -- You received this message because you are subscribed to the Google Groups "nforceit" group. To post to this group, send an email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/nforceit?hl=en-GB.
