Weekly Executive Summary for Week of March 3, 2017

Focusing On Basic Security Critical Security Controls

With the increasing number of breaches and security incidents, analysts and investigators reveal that the main reason behind these attacks were weak or non-existing security controls and practices.  The main problem in cybersecurity is not choosing the right security solution but choosing the most effective cybersecurity framework.  The Center of Internet Security (CIS) Critical Security Controls have proven to be a viable solution.  There are 20 controls in the latest version, 6.1, but the first six controls are what needs to be focused on to prevent disruptive attacks.  Following an effective security program like the CIS Critical Security Controls to implement mature processes can provide any organization an easy start to reducing the risks and impacts of cybersecurity attacks.

The First Six CIS Critical Security Controls for Effective Cyber Defense

Source: SANS Institute InfoSec Reading Room:
Back to Basics: Focus on the First Six CIS Critical Security Controls by John Pescatore

Note: The purpose of the weekly executive summary is to provide useful information that a business or agency could use in both its cybersecurity and business strategies. In order for this website to serve the community we need to know your concerns and questions about (for example) proper safeguards for technology you’re looking into or what sets of compliance and governance policies would you need to operate a particular business. The CSCC openly invites you to send in your inquiries. We’ll have students research your issues and provide an analysis of the information at hand to guide you with all things cybersecurity. Mail us at: uhwocscc@hawaii.edu