Forensics and Cyber Threat Research Area

Threat Intelligence | Insider Threat Detection | User Behavior Analytics | Cyber Threat Management | Data Security Intelligence | Cloud Security Intelligence Application Security Intelligence | Anomaly & Pattern Detection |  Security Information Event Management | Digital Forensics | Data Recovery | Malware Investigation | Packet Analytics | Packet Forensics | security operations and analytics platform architecture (SOAPA)

cyber security controls india

Home » Blog » Cyber Security Control

 Posted in Cyber Threat

Cyber Security Control

   3rd March 2016  2 Comments on Cyber Security Control 1 1727

Cyber Security Control

Project Name: Cyber Security Control
Description: Cyber Security Control India blog will help each IT employee to understand information environment in better way. The components of Cyber Security Controls

Author: Rohit D Sadgune

Summary of Content

  1. Components Of Cyber Security Controls
  2. Basic Requirement of Cyber Security Controls
  3. Types of Cyber Security Controls
  4. What are the different Information Security aspects to be considered for Cyber Security

What is a Cyber Security?

Cybersecurity is the division of information technology whose primary objective is to implement processes and practices configure to protect networks, computers, enterprise application and data from attack, damage or unauthorized.

Principle objective of cyber security is to maintain Confidentiality, Integrity, and Availability over the entire enterprise

Types of Cyber Security Controls

There are 6 main types of cyber security controls must implemented by enterprise Preventive, Detective, Corrective, Deterrent, Recovery, Recompense.

Preventive Controls

Preventive controls are the primary measures met by the adversary. The primary objective of preventive controls is to try to block security infection and enforce access control.

Detective Controls

Detective controls are implemented to intercept security breach and alert the defenders. The detective controls will play role when preventive controls have failed or have been bypassed by adversary. Detective measured include SIV( Signature integrity verifier), cryptographic checksums, audit trails and logs, and similar tools.

Corrective Controls

Corrective controls comes into the frame when adversary has already breached the enterprise environment .Although a infections spread, not all is lost, so security analyst and system admins try at most to recover. Corrective controls are highely depends on the area of the enterprise where advesavary has targeted most.

Deterrent Controls

Deterrent controls are implemented to tell adversaries or potential attackers that we have we have detected you and please stop doing same silly thing again and again.

Recovery Controls

Recovery controls are similar to corrective controls, Recovery Controls will get applied in higher level of incidents to recover from security infections and restore information. In most of scenarios recovery controls includes disaster recovery and business continuity tactics.

Recompense Controls

Recompense controls are deliberate to be alternative arrangements for other measures when the primary controls have failed or cannot be used. When any of the new control has addresses the same adversaries that are addressed by another set of primary controls, then newly implemented controls are Recompense controls.

 

Why Cyber Security Controls are important?

  • On daily basis new attack are getting invented, the volume of these attack are very high. These attack includes threats, targeted attacks, advance persistence threats, phishing scams, data leakages
  • On daily the average unprotected systems are increasing..
  • Millions of infected web pages are being discovered every day.
  • Hundreds of millions of events are involved in data breaches.
  • New attack methods are launched continuously.

 

cyber security controls india
cyber security control

Cyber Security Control

  1. Assets collections & management
  2. Logical asses collection & management (software / application inventory)
  3. Standard security configuration for all physical and logical assets
  4. Vulnerability management for respective assets of enterprise
  5. Malware Investigation
  6. Vulnerability assessment & Penetration testing for all application
  7. Continuous knowledge transfers & training sessions for employees
  8. Identity & access management
  9. Perimeter security
  10. Security information and event management
  11. Digital Forensics & Incident Response
  12. Monitoring threat intelligence.
Author: Rohit Sadgune
Core Working Areas :- Threat Intelligence, Digital Forensics, Incident Response, Fraud Investigation, Web Application Security Technical Certifications :- Computer Hacking Forensics Investigator | Certified Ethical Hacker | Certified Cyber crime investigator | Certified Professional Hacker | Certified Professional Forensics Analyst | Redhat certified Engineer | Cisco Certified Network Associates | Certified Firewall Solutions | Certified Network Monitoring Solution | Certified Proxy Solutions
Website

2 thoughts on “Cyber Security Control

Leave a Reply

Your email address will not be published. Required fields are marked *

Enter Captcha Here : *

Reload Image

Indicator of Attacks | Indicator of Compromise

Top SIEM Use Cases | Threat Hunting Hypothesis | Deep Packet Inspection | Insider Threat Hunting | Hunting Data Exfiltration | Banking Fraud | ATM Use Cases | Cross Channel Data Exfiltration | Hunting Endpoint Anomaly | Denial-of-service | Man-in-the-middle (MitM) attack | Spear phishing attacks | Drive-by attack | Eavesdropping attack | Birthday attack