20 Critical Security Controls for Effective Cyber Defense

The Critical Controls for Effective Cyber Defense are a recommended set of best practices for cyber defense that provide specific and actionable ways to stop today’s most pervasive attacks. They were developed by a consortium of hundreds of security experts from across the public and private sectors. The Controls are derived from the most common attack patterns and serve as a very strong basis for high-value action.

The Controls prioritize actionable, high-payoff measures, following a “must do first” philosophy.

  1. Inventory of authorized and unauthorized devices
  2. Inventory of authorized and unauthorized software
  3. Security configurations for hardware and software
  4. Continuous vulnerability assessment and remediation
  5. Malware defenses
  6. Application software security
  7. Wireless access control
  8. Data recovery capability
  9. Security skills assessment and appropriate training
  10. Secure configurations for network devices such as firewalls, routers and switches
  11. Limitation and control of network ports, protocols and services
  12. Controlled use of administrative privileges
  13. Boundary defense
  14. Maintenance, monitoring and analysis of audit logs
  15. Controlled access based on need-to-know
  16. Account monitoring and control
  17. Data protection
  18. Incident response management
  19. Secure network engineering
  20. Penetration tests and red team exercises

ACE IT Solutions’ security services, offered in partnership with IBM, are designed to help businesses build and maintain their security programs. Our security services provide practical and affordable ways to implement and automate many of the 20 CSCs. Businesses that are planning security monitoring or have already implemented it can leverage our SIEM solution to assist with the 20 CSCs.

Contact ACE IT Solutions for a complimentary security assessment at 20 Critical Security Controls. See www.cybersecuritynyc.com for more information.