SANS Launches New 20 Critical Controls InteractiveSANS Launches New 20 Critical Controls Interactive
Platform lets users choose how to consume them
April 20, 2010
WASHINGTON, April 19 /PRNewswire-USNewswire/ -- The SANS Institute released its 20 Critical Security Controls online interactive today, a platform built to simplify the controls and let users choose how to consume them.
The interactive offers abbreviated descriptions of each control delivered through an animated Flex graphic. When selecting one of the interactive's controls, a pop up appears with a control description, a link to the extended control description, a link to user vetted tools, and an audio presentation from Eric Cole, a SANS instructor who helped formulate the controls.
"SANS has featured the controls for some time, but the interactive will make them easier to understand, follow, and implement," said Adam Ross, SANS' managing editor. "The controls are so text heavy, we figured there had to be a way to simplify and tell their story in a more succinct manner."
The controls are judged by leading cybersecurity experts to be the most commonly used, and effective ways computer attackers gain entry to systems and networks. The automation of these controls has radically lowered the cost of security while improving effectiveness. These controls allow those responsible for compliance and those responsible for security to agree, for the first time, on what needs to be done to make systems safer. No development in security is having a more profound and far reaching impact. In one well known example, U.S. State Department Chief Information Officer John Streufert built a long-term continuous monitoring approach to cybersecurity with the critical controls in mind. In doing so, Streufert has demonstrated more than an 80 percent reduction in 'measured' security risk through the automation and measure of the controls.
Under the auspices of the Center for Strategic and International Studies, former U.S. Department of Energy and U.S. Air force Chief Information Officer John Gilligan brought together a consortium to determine and write the controls. Members of the consortium include NSA, US Cert, DoD, Cyber Crime Center, and the top commercial forensic experts and pen testers serving the banking and critical infrastructure communities.
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
Passwords Are Passe: Next Gen Authentication Addresses Today's Threats
How to Deploy Zero Trust for Remote Workforce Security
What Ransomware Groups Look for in Enterprise Victims
How to Use Threat Intelligence to Mitigate Third-Party Risk
Concerns Mount Over Ransomware, Zero-Day Bugs, and AI-Enabled Malware