On 24 June 2014, Dr. Vilius Benetis, CISA, CRISC, cyber-security solutions architect,
presented a 60-minute webinar on 20 Critical Controls for Cyber Defense. It will be
available in the archive until June 2015; please visit
http://www.isaca.org/cyber/Pages/Archived-CyberWebinars.aspx to access it.
Vilius has been able to respond to many of the questions that were asked by
attendees. Below is a recap:
QUESTION
The controls detail pre-incident activity; where do I get information about an attack in progress, and how to get back to a good state?
ANSWER
CC18 is about incident response; however, it is very brief. So I would suggest looking at NIST SP 800-61, Rev. 2, for overall capability building. And for practical guidance on what to do: if you already have the CCs in place, you have plenty of information to analyze, especially if you have capable HIDS and forensic on-host monitoring/recording capability. Finally, if the attack is advanced, you might need to put a new image on the system. There is quite some activity guidance in the ISACA CSX publications/books I have presented - www.isaca.org/cyber

CCs provide technical capabilities and measurements to help prove compliance. Most probably, if compliance is about information security, the CCs will be relevant for that.

Yes, http://www.counciloncybersecurity.org/criticalcontrols/tools/ has a mapping, however only for critical controls 4.1, not updated to v5 yet, but the essence is the same.

They are designed to deal with technical aspects - practically what to do. In this way they assist any management framework.

Most probably you should get a Secure Web Gateway function. If you google for them and also include the word "Gartner", you would get an analysis document of what such a function does, and what kind of vendors are players in the market.

sure