Last week I had the opportunity to attend and participate in a panel discussion at the first SANS National CyberSecurity Innovation Conference in Washington, DC. While there, I was able to learn from other security practitioners representing a wide array of industries as each described how they are securing their networks in creative ways. More often than not, success was achieved by leveraging existing tools and capabilities.
One of the more compelling topics was the Department of State's implementation of the SANS Top 20 Security Controls. It was noteworthy that the Department of State was able to achieve an 85% decrease in vulnerabilities in the first year. What else are you doing that has this success rate?
SANS provides several resources to help understand and implement these controls, which ultimately provide the basis for continuous monitoring capabilities. There have been several webcasts on the Top 20 Controls. The most recent featured James Tarala, who led a discussion on how a SIEM product can help implement these controls. Other resources are case studies, the Security 440 two-day class and Security 566, a five-day class on understanding and implementing these controls.