Skip to Main Content
Cybersecurity Program Development for Business
book

Cybersecurity Program Development for Business

by Chris Moschovitis
May 2018
Beginner to intermediate content levelBeginner to intermediate
224 pages
6h 26m
English
Wiley
Audiobook available
Content preview from Cybersecurity Program Development for Business

CHAPTER 10Controls

In Chapter 3, we defined the four broad types of controls: preventative, detective, corrective, and compensatory. Some analysts include a fifth type, called a targeted control or a countermeasure, which addresses a specific threat or a specific vulnerability. But for simplicity's sake, I'm going to include targeted controls as part of the four categories, depending on how they function.

Keep in mind that the examples that follow are just that, examples—not an exhaustive list by any means. New controls are developed almost daily as part of the constant arms race between hackers, cybersecurity vendors, developers, IT companies, end users, and governments.

Preventative Controls

Preventative controls are the road barriers of the information highway. They are designed to stop an attacker from getting to an asset. If the asset involves physical protection, then a good example of a preventative control would be security guards. Digital equivalents of the security guard include:

  • Antivirus and antimalware applications. Typically lumped under endpoint protection systems, these are mostly signature‐based applications that scan traffic, compare it against a known database of threats, and decide accordingly. What I mean by signature is that these viruses and malware programs, once discovered, are found to have a unique look, like a signature. That makes them identifiable to the antivirus and antimalware applications. They now know what to look for. These applications ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Executive's Cybersecurity Program Handbook

Executive's Cybersecurity Program Handbook

Jason Brown

Publisher Resources

ISBN: 9781119429517Purchase book