Control categories
Controls within cybersecurity are grouped into three main categories:
- Administrative/Managerial controls
- Technical controls
- Physical controls
Administrative/Managerial controls address the human component of cybersecurity. These controls include policies and procedures that define how an organization manages data and clearly define employee responsibilities, including their role in protecting the organization. While administrative controls are typically policy based, the enforcement of those policies may require the use of technical or physical controls.
Technical controls consist of solutions such as firewalls, intrusion detection systems (IDS), intrusion prevention systems (IPS), antivirus (AV) products, encryption, etc. Technical controls can be used in a number of ways to meet organizational goals and objectives.
Physical controls include door locks, cabinet locks, surveillance cameras, badge readers, etc. They are used to limit physical access to physical assets by unauthorized personnel.
Control types
Control types include, but are not limited to:
- Preventative
- Corrective
- Detective
- Deterrent
These controls work together to provide defense in depth and protect assets.
Preventative controls are designed to prevent an incident or irregularity from occurring in the first place.
Corrective controls are used to restore an asset after an incident. They are designed to correct errors and irregularities that occur in the system.
Detective controls are implemented to determine whether an incident has occurred or is in progress. They are specifically designed to detect errors and problems during an event, which makes them a real help in the overall control system.
Deterrent controls are designed to discourage attacks. Deterrent controls are also called administrative mechanisms.
Review the following charts for specific details about each type of control and its purpose.
Administrative Control
Administrative controls in cybersecurity are designed around training, policies, procedures, etc.
| Control Name | Control Type | Control Purpose |
|---|---|---|
| Least Privilege | Preventative | Reduce risk and overall impact of malicious insider or compromised accounts |
| Disaster recovery plans | Corrective | Provide business continuity |
| Password Policies | Preventative | Reduce likelihood of account compromise through brute force or dictionary attack techniques |
| Access control Policies | Preventative | Bolster confidentiality and integrity by defining which groups can access or modify data |
| Account management policies | Preventative | Managing account lifecycle, reducing attack surface, and limiting overall impact from disgruntled former employees and default account usage. |
| Separation of duties | Preventative | Reduce risk and overall impact of malicious insider or compromised accounts |
Technical Controls
| Control Name | Control Type | Control Purpose |
|---|---|---|
| Firewall | Preventative | To filter unwanted or malicious traffic from entering the network |
| IDS/IPS | Detective | To detect and prevent anomalous traffic that matches a signature or rule |
| Encryption | Deterrent | Provide confidentiality to sensitive information |
| Backups | Corrective | Restore/recover from an event |
| Password Management | Preventative | Reduce password fatigue |
| Antivirus (AV) Software | Corrective | Detect and quarantine known threats |
| Manual Monitoring and Intervention | Preventative | Necessary to identify and manage threats, risks, or vulnerabilities to out-of-date systems |
Physical Controls
| Control Name | Control Type | Control Purpose |
|---|---|---|
| Time controlled safe | Deterrent | Reduce attack surface and overall impact from physical threats |
| Closed Circuit Television (CCTV) | Preventative/Detective | Closed circuit television is both a preventative and detective control because its presence can reduce the risk of certain types of events occurring, and it can be used after an event to inform on event conditions. |
| Locking cabinets (for network gear) | Preventative | Bolster integrity by preventing unauthorized personnel and other individuals from physically accessing or modifying network infrastructure gear |
| Signage indicating alarm service provider | Deterrent | Deter certain types of threats by making the likelihood of successful attack seem low |
| Locks | Deterrent/Preventative | Bolster integrity by deterring and preventing unauthorized personnel and other individuals from physically accessing assets |
| Fire detection and prevention (fire alarm, sprinkler system, etc.) | Detective/Preventative | Detect fire in physical location and prevent damage to physical assets such as inventory, servers, etc. |
| Adequate lighting | Preventative/Detective | Deter threats by limiting hiding places |
All controls are important for security audits. They are divided into different categories for different purposes, and you need to understand and implement all of them.
For any questions, suggestions, or recommendations, please contact contact@widelamp.com