Security Control 101


In cybersecurity, controls, or countermeasures, are defenses against threats that exploit a system’s vulnerabilities. Their objective is to prevent, deter, deflect, mitigate, detect, or recover from potential harm. Much like the fortified structures of the Middle Ages, we employ a combination of physical, procedural, and technical controls to safeguard computing systems. Physical controls involve tangible barriers like walls or locks, procedural controls rely on rules and agreements, and technical controls leverage technology such as passwords, firewalls, and encryption. Security professionals weigh the cost and effectiveness of these controls against the likelihood and severity of potential harm, aiming to create a resilient, layered defense. Just as a medieval fortress combined multiple security characteristics, modern cybersecurity requires a multifaceted approach to protect against diverse threats.

File Type: pdf
Categories: GRC