Security Controls

Security controls are measures put in place to protect an organization’s assets, systems, and data from threats. They can be classified into three categories:

Administrative Controls: Policies, procedures, and governance to manage and direct security efforts (e.g., security training, access control policies, incident response plans).
Technical Controls: Security mechanisms implemented through technology to protect systems (e.g., firewalls, encryption, intrusion detection systems).
Physical Controls: Physical measures to prevent unauthorized access to facilities and equipment (e.g., locks, surveillance cameras, security guards).

PreviousDefense in Depth NextCIA Triad

Last updated 1 month ago