Dyson College of Arts and Sciences

Summit on Resilience II: The Next Storm

Issue link: http://dysoncollege.uberflip.com/i/633753

12. Controlled Use of Administrative Privileges
13. Boundary Defense
14. Maintenance, Monitoring and Analysis of Audit Logs
15. Controlled Access Based on Need to Know
16. Account Monitoring & Control
17. Data Loss Prevention
18. Incident Response Capability (validated manually)
19. Secure N/W Engineering (validated manually)
20. Pen Tests, Red Team Exercises (val. manually)

Table III The Council on CyberSecurity's Top 20 Critical Security Controls

Real World Examples of 'Soft' Cyber Attacks that Illustrate the Relevancy of the Controls

The relevancy and timeliness of the research, creation, and subsequent public release of the critical security controls are substantial, given that the threats targeting the U.S. constantly grow in number and sophistication. While some of the controls are targeted towards software (operating systems and application-specific), others are geared towards hardware, or, more appropriately, the software configurations associated with information technology devices and the operating systems that they run. Still other manifestations of the controls include managerial-level activities, such as controlling the number of individuals possessing administrative-level credentials and administering the 'Principle of Least Privilege' to individuals who do not necessarily need access to vast troves of information (think Edward Snowden). To demonstrate the relevancy of the security controls, appearing below are some of the more high-profile successful cyber-attacks and the associated control that, if implemented prior to the associated attack, might have mitigated the losses, deterred the attackers, or perhaps may have prevented the attack from even occurring.
In an online presentation entitled "Critical Controls Security Briefing Webcast," sponsored by SANS on March 4, 2015, guest speaker Ann Barron-DiCamillo, Director of the US-CERT, said that five of the critical controls, if applied correctly, would result in reducing 85% of attempted cyber-attacks.

Relevant CSC Control (1): Inventory of Authorized and Unauthorized Devices
Company: Bit9 [6, 7], Attacked: February 2013

Bit9 is a 'security whitelisting vendor', meaning that they sell products that control whether applications are allowed to run on their client machines. This is done via 'whitelisting' (as opposed to 'blacklisting'), in which software application lists contain the names and versions of all the programs that a firm might need for effective daily operations of their IT processing environment. What makes Bit9 interesting is that
