SANS Rocky Mountain Fall is Live Online! Join us Nov 2-7 MT for 17 interactive courses + NetWars. Save $300 thru 10/7.


Subscribe to SANS Newsletters

Join the SANS Community to receive the latest curated cyber security news, vulnerabilities and mitigations, training opportunities, and our webcast schedule.

The Critical Security Controls for Effective Cyber Defense 5.0 Opens to Public Comment

Council on CyberSecurity Values Feedback from Professional Community

  • Washington, D.C.
  • January 31, 2014

Today, the Council on CyberSecurity has made public the Critical Security Controls Draft Version 5.0 in their effort to receive feedback from the greater cybersecurity community. The Critical Security Controls is a recommended set of action items for cyber defense that provides specific and actionable ways to thwart the most pervasive cyber attacks.

"Over the past couple months, the Review & Update Panel--comprised of an impressive set of industry professionals and experts--made a variety of necessary changes to the previous version of The Critical Security Controls" stated Tony Sager, Director of Programs with the Council on CyberSecurity. "Now, we are reaching out to the broader community, asking them to review the panel's final 5.0 draft and provide feedback for any other changes that ought to be considered. The Controls are a valuable asset to increasing security and our goal is to continuously improve its relevance."

The Critical Security Controls Draft Version 5.0 can be accessed via the Council's website at All feedback can be communicated to the Council by sending emails to

The finalized 5.0 version of the Critical Security Controls will then be formally announced in San Francisco at the RSA Conference in late February 2014.

If interested in learning more about The Council on CyberSecurity, visit the website at

About the Council on CyberSecurity: The Council on CyberSecurity is an independent, expert, not-for-profit organization with a global scope committed to the security of an open Internet. The Council is committed to the ongoing development and widespread adoption of the Critical Controls, to elevating the competencies of the cybersecurity workforce, and to the development of policies that lead to measurable improvements in our ability to operate safely, securely and reliably in cyberspace. For more information, visit the website at

Media Contact

About SANS Institute

The SANS Institute was established in 1989 as a cooperative research and education organization. Today, SANS is the most trusted and, by far, the largest provider of cyber security training and certification to professionals in government and commercial institutions worldwide. Renowned SANS instructors teach more than 60 courses at In-Person and Live Online cyber security training events, and more than 50 courses are available anytime, anywhere with our OnDemand platform. GIAC, an affiliate of the SANS Institute, validates practitioner skills through more than 35 hands-on, technical certifications in cyber security. The SANS Technology Institute, a regionally accredited independent subsidiary, offers a master’s degree, graduate certificates, and an undergraduate certificate in cyber security. SANS Security Awareness, a division of SANS, provides organizations with a complete and comprehensive security awareness solution, enabling them to easily and effectively manage their ‘human’ cybersecurity risk. SANS also delivers a wide variety of free resources to the InfoSec community including consensus projects, research reports, webcasts, podcasts, and newsletters; it also operates the Internet's early warning system – the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to support and educate the global information security community. (