The 3 Types Of Security Controls (Expert Explains) | PurpleSec

3 Views
Published
Security controls play a foundational role in shaping the actions cyber security professionals take to protect an organization.

There are three main types of IT security controls including technical, administrative, and physical. The primary goal for implementing a security control can be preventative, detective, corrective, compensatory, or act as a deterrent. Controls are also used to protect people as is the case with social engineering awareness training or policies.

What Is A Security Control?

Security controls are countermeasures or safeguards used to reduce the chances that a threat will exploit a vulnerability.

For example, implementing company-wide security awareness training to minimize the risk of a social engineering attack on your network, people, and information systems.

Video Chapters
------------------------------
00:00 - Introduction
00:40 - What Is A Security Control?
01:38 - What Are The Goals Of Security Controls?
04:10 - Understanding The Basics Of Risk & Threats
05:59 - Technical Controls
07:20 - Administrative Controls
09:29 - Physical Controls
10:01 - Preventative Controls
11:26 - Detective Controls
13:22 - Corrective Controls
14:02 - Deterrent Controls
15:00 - Compensating Controls
16:08 - Performing A Security Control Assessment

About The Author
------------------------------
Michael Swanagan, CISSP, CISA, CISM
https://purplesec.us/cyber-security-experts/michael-swanagan/

Resources & Links
------------------------------
What Is Cyber Security?
https://purplesec.us/cyber-security/

50 Free Information & Cyber Security Policy Templates
https://purplesec.us/resources/cyber-...

--------------------------------------

► If you need help securing your business from cyber attacks then feel free to reach out: https://purplesec.us/consultation/

►Find us on Pinterest: https://www.pinterest.com/purple_sec/

#securitycontrols #cybersecurity #expertexplains
Category
Management
Be the first to comment