CHAPTER 24: STEP 7 – SELECT AND IMPLEMENT CONTROLS

Your intended risk treatments are likely to fall within the CRF processes, telling you which ones you need and to what level of maturity you should aim to implement each, and by extension enabling you to refine your project plan (see appendix 2).

Where there is a large gap between your current and target states, it is sensible to take an iterative approach, making use of the continual improvement model you established in step 5 (chapter 22) and prioritising the controls that address the biggest risks. It is important, however, that each iteration maintains a balance between the three security pillars – people, processes and technology (see 5.2).

Remember that the full set of controls you implement ...
