Sans Top 20 Security Controls. The 20 critical security controls were developed in the us. Along with simplifying the controls in v8 weve simplified the name to the cis controls.
Also they are constantly evaluated and updated based on the latest threats that exist according to some of the world leaders in the realm of cybersecurity. The 20 critical security controls were developed in the us. Security requires attention on multiple levels all the way from individual users and applications and down to the level of systems and networks.
In 2008 the sans institute a research and education organization for security professionals developed the top 20 critical security controls cscs to address the need for a risk based approach.
Leverages other best practice. Mapping the top 20 critical security controls this table below provides a high level mapping of deep securitys security controls to the sanscis top 20 critical security controls and also provides commentary on where cloud service providers csps like aws microsoft azure and others have a roll to play. The sans top 20 takes the most well known threats that exist to an organization and transforms it into actionable guidance to improve an organizations security posture. What are the sans top 20 critical security controls.