Essential steps to create a effective cybercpace defence system
Critical steps Subject to Automated Collection, Measurement, and Validation
- Inventory of Authorized and Unauthorized Devices
- Inventory of Authorized and Unauthorized Software
- Secure Configurations for Hardware and Software
- Secure Configurations for Network Devices such as Firewalls, Routers,and Switches
- Boundary Defense
- Maintenance, Monitoring and Analysis of Security Audit Logs
- Application Software Security
- Controlled Use of Administrative Privileges
- Controlled Access Based on Need to Know
- Continuous Vulnerability Assessment and Remediation
- Account Monitoring and Control
- Malware Defenses
- Limitation and Control of Network Ports, Protocols, and Services
- Wireless Device Control
- Data Loss Prevention
Critical steps not directly supported by automated measurement and validation:
- Secure Network Engineering
- Penetration Tests and Exercises
- Incident Response Capability
- Data Recovery Capability
- Security Skills Assessment and Appropriate Training To Fill Gaps
