How to Build Your Cyber Defenses Even if You’re Not A Security Expert

by becki on August 9, 2009

Puzzle

Do you feel lost and overwhelmed when it comes to defending your company’s data networks? Do you want (need) some help?

SANS is running a series on 20 Critical Controls on its Security Leadership blog. Dr. Eric Cole, noted security expert, writes an article focusing on each control. In each article, he provides key steps to take and key tests to insure compliance with each control.

Many of these controls can be implemented and measured using existing tools found in many enterprises. Other controls can be fulfilled using commercial or, in some cases, free, open-source software. Still others may require an investment in new enterprise tools and personnel expertise. SANS 20 Critical Security Controls

SANS has prioritized the steps and divided these controls into the following categories:

  • Quick Wins – just as the name says, you can implement these quickly and improve your cyber defenses
  • Improved Visibility and Attribution – improve processes and architecture, and learn your systems
  • Hardened Configuration and Improved Information Security Hygiene – manage your network and servers
  • Advanced – controls that are beyond the other three.

What are you waiting for? Get on over to the SANS Security Leadership blog and learn how to implement these controls in your organization. You can do this!

Related Links

Join Dr. Eric Cole and others as they discuss these controls by viewing their webinar.

Share

Tagged as: consensus audit guidelines, Information Assurance, information security, SANS

{ 2 comments… read them below or add one }

Ramki B Ramakrishnan August 10, 2009 at 12:58 am

Most of IT Managers i meet now are out of sync when it comes to infosec. I always tell them to follow portals like ISC, Arbor, McAfee, etc to keep up.

Specifically SANS ISC, reading room, & portal are the extremely resourceful to any one in Infosec; be it Tech or Managerial level.

IMO SANS is the best when it comes to Infosec training, i did my GSEC and though i did not use it much in my job it gave me lot of insight. But SANS training is comparitively expensive and they no longer run any in-person training in India…

becki August 10, 2009 at 11:46 am

Ramki, thanks for helping others find the information that they need to secure their businesses. I believe that all people in IT should know at least the fundamentals of security.

I like SANS training too, and they offer a lot of good, free information on their website.

Leave a Comment

Previous post:

Next post: