The 20 Critical Security Controls: From Framework to Operational to Implementation

Tuesday, 11 Jun 2019 3:30PM EDT (11 Jun 2019 19:30 UTC)
Speaker: Randy Marchany

The 20 CSC provide an excellent bridge between the high level security framework requirements and the operational commands needed to implement them. Implementation is a 3-7 year process depending on a wide variety of factors and constraints. This talk discusses our experiences in implementing the 20 CSC. For example, Control #1 has proved to be the most challenging one because it depends on how your IP addresses are generated by your networking group. We'll also discuss various tools and internal policies and standards that support a particular control's implementation. Finally, we'll show examples of how we measure progress. '

Login to Register

Related Content

ECE_-_Blog_-_Enhancing_Your_Cyber_Defense-_Comparing_Simulations_and_Tabletop_Exercises_340_x_340.jpg

Cybersecurity Leadership

Enhancing Your Cyber Defense: Comparing Simulations and Tabletop Exercises

Simulation and tabletop exercises are both valuable tools for enhancing incident response and strengthening organizational resilience.

NIS2_-_Blog_-_Beyond_Compliance-_Leveraging_NIS2_for_Enhanced_Cyber_Resilience_and_Leadership_Accountability_340_x_340.jpg

Cybersecurity Leadership

Beyond Compliance: Leveraging NIS2 for Enhanced Cyber Resilience and Leadership Accountability

To meet NIS2 risk assessment standards, organizations have multiple steps laid out ahead of them.

NIS2_-_Blog_-_Empowering_Cybersecurity_Excellence_340_x_340.jpg

Cybersecurity Leadership

Empowering Cybersecurity Excellence: Certifications as the Keystone of NIS2 Compliance

NIS2 creates more uniformity and consistency in cybersecurity and resilience across vital EU industries.

Brian Correia