1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

IDG Contributor Network: 9 critical controls for today's threats

Discussion in 'CSO' started by RSS, Jul 5, 2016.

  1. RSS

    RSS New Member Member

    In the past, we always played catch-up by implementing controls to deal with new threats. This allowed zero-day successes and successful attacks against resources when only the attackers knew of one or more vulnerabilities in our network. We tended to rely on vulnerability detection and associated risk management to protect confidentiality, integrity, and availability (CIA). While still a necessary process, vulnerability management alone falls far short.

    The Challenge

    When assessing risk using the formulaic model THREATS * VULNERABILITIES *BUSINESS IMPACT = RISK, we tended to avoid threat management. The argument for years was that we couldn’t cost effectively manage threats. Instead, we focused on identifying and managing vulnerabilities in the name of prevention. Today, security professionals understand that we need to shift much of our security effort to managing threats we know will eventually find their way into our network.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page