security incomplete without you essay in english
Answers
Answer:
Introduction
While it is true that there are literally hundreds of Security Frameworks offering thousands of controls designed to help ensure that any particular network is compliant, most of these focus on compliance rather than security for known attack vectors. For instance, the National Institute of Standards and Technology (NIST) Security and Privacy Controls for Federal Information Systems and Organizations (NIST Special Publication 800-53 rev 4) offers 170 controls for covering various control families. Many of these controls are then decomposed into even more granular protections based upon the sensitivity of the protected data (NIST,xxx). Another example can be found within ISO 27002. Here there are “35 control objectives (one per ’security control category’)” with “114 defined controls” (ISO, 2013). Regardless of the framework chosen, there are controls designed to bolster the overall security of a system. Many times this focus on meeting the control objective leads to compliance rather than a focus on protecting current attack information.
The approach taken by the Center for Internet Security (CIS) is that the controls from these common frameworks is: