The Critical Security Controls are now managed by the CIS with continuing involvement by the security community.
The Controls are prioritized to help organizations focus security efforts to have the greatest impact in improving their risk posture. Prior to this, security standards and requirements frameworks were predominantly compliance-based, with little relevance to the real-world threats they are intended to address. In 2008, NSA’s Information Assurance Directorate led a security community-driven effort to develop the original version of the Controls, then known as the “Consensus Audit Guidelines.” Over the years the SANS Institute, a research and education organization for security professionals, developed the Top 20 Critical Security Controls to address the need for a risk-based approach to security. The Controls are updated based on new attacks that are identified and analyzed by groups from Verizon to Symantec, so the Controls can stop or mitigate those attacks.įor a copy of the ranking, visit: Learn more about the Top 20 Critical Security Controls Our ranking speaks to that.”Ĭreated by the people who know how attacks work – NSA Red and Blue teams, the US Department of Energy nuclear energy labs, law enforcement organizations, and some of the nation's top forensics and incident response organizations – the Controls aim to help stop known attacks. “Of the 19 companies listed, no other providers can match the coverage our solutions offer, or their ability to empower customers with actionable intelligence and accelerated insight.
“We know organizations don’t have limitless resources, so we design solutions that help them focus on actions that make the biggest and most immediate impact,” said Lee Weiner, chief product officer at Rapid7. The Controls are designed using best-in-class threat data and provide actionable guidance to improve cybersecurity. The ranking found that Rapid7’s incident detection and response and threat exposure management solutions cover 19 of the 20 Controls as defined by CIS.Ī recommended set of actions for cyber defense designed to provide specific and actionable ways to stop today's most pervasive and dangerous attacks, the Controls focus on helping organizations minimize the risk they’re exposed to and harden resiliency. (NASDAQ: RPD), a leading provider of security data and analytics solutions, has been recognized by SANS for providing the most comprehensive coverage across the Center for Internet Security (CIS) Critical Security Controls for Effective Cyber Defense.
0 kommentar(er)
