*HP Cyber Risk Report 2015
*HP Cyber Risk Report 2015
*HP Cyber Risk Report 2015
DETECTION
GAP
RESPONSE
GAP
PREVENTION
WINDOW
20 Critical Security Controls NSA RankTripwire
Solutions
CSC1Inventory H/W Assets, Criticality,
and LocationVery High
CSC2Inventory S/W Assets, Criticality,
and LocationVery High
CSC3 Secure Configuration Servers Very High
CSC4Vulnerability Assessment
and RemediationVery High
CSC5 Malware Protection High/Medium
CSC6 Application Security High
CSC7 Wireless Device Control High
CSC8 Data Recovery Medium
CSC9 Security Skills Assessment Medium
CSC10 Secure Config-Network High/Medium
CSC11Limit and Control Network Ports,
Protocols, and ServicesHigh/Medium
CSC12 Control Admin Privileges High/Medium
CSC13 Boundary Defense High/Medium
CSC14Maintain, Monitor, and Analyze
Audit LogsMedium
CSC15 “Need-to-Know” Access Medium
CSC16 Account Monitoring and Control Medium
CSC17 Data Loss Prevention Medium/Low
CSC18 Incident Response Medium
CSC19Secure Network Engineering
(secure coding)Low
CSC20Penetration Testing and Red
Team ExercisesLow
An Ounce of Prevention …
20 Critical Security Controls NSA RankTripwire
Solutions
CSC1Inventory H/W Assets, Criticality,
and LocationVery High
CSC2Inventory S/W Assets, Criticality,
and LocationVery High
CSC3 Secure Configurations Very High
CSC4Vulnerability Assessment
and RemediationVery High
After A Breach, There Are More Questions Than Answers
A More Detailed View
http://www.tripwire.com/register/how-to-restore-trust-after-a-breach
http://www.tripwire.com/register/restoring-trust-after-a-breach-which-
systems-can-i-trust/
tripwire.com | @TripwireInc