The Center for Internet Security (CIS) Critical Security Controls present '20 most effective actions an organization can take to protect its data, employees and customers.'the controls include a wide-range of security issues that every information security leader should implement, monitor and track in order to effectively measure and manage risk. However, those that have tried to implement controls standards whether they are within the NIST, ISO, or CIS frameworks understand the immense challenges.
The implementation of security controls requires a comprehensive strategy and an investment of time, resources, and money. Security leaders need to ensure that they are able to effectively analyze their investments and that controls are in fact reducing risk. 'Countless organizations continue to invest haphazardly in their security programs and in particular in control implementation with little or no effect on their overall security posture.
In this presentation, Matt will provide: