Abstract
Today's digital economy encompasses a conglomeration of devices, data, applications, and complex networks that can be hosted on-premises, in data centers or in cloud environments to support business functions. As a cybersecurity professional, you will be tasked with managing risks such as cyber threats and data breaches in the workplace. The risks may emanate from the data that resides in systems such as servers, computers or external drives, and from the physical assets themselves, such as routers and switches. The onus is on preventing security events and limiting the damage or consequences of any event that might happen. Managing these risks in an organization can be achieved by implementing cyber security controls and countermeasures. Cyber security controls can be categorized into three distinct major groups: administrative control, physical control, and technological control. Administrative controls focus on security policies, guidelines, rules, procedures and standards designed by management to control access to and utilization of confidential information. Physical control refers to a set of IT security controls deployed at the physical premises to prevent unauthorized physical access to data centers. Technical controls involve the use of systems and technical solutions to prevent security events in networks and cloud platforms. Additionally, when implementing security controls, the function of cyber security controls can be broadly divided into seven groups: directive, deterrent, preventive, compensating, corrective, detective, and recovery controls. Furthermore, security frameworks such as NIST, CIS Controls, COBIT, and the ISO/IEC series form the cornerstone of cyber security controls and countermeasures. These aspects are discussed further in the later sections; the aim here is to provide a general picture of cyber security controls and countermeasures.

Keywords: Security Controls, Countermeasures, Frameworks, Information Systems, Risk