A new report says failure to implement the 20 critical security controls constitutes a lack of “reasonable security” The controls California Attorney General Kamala Harris cited were developed seven years ago as the Consensus Audit Guidelines. The controls were developed by a consortium of public-private IT security experts under the auspices of the think tank Center for Strategic and International Studies and the SANS Institute. The report also recommends organizations adopt multifactor authentication on consumer-facing online accounts and use strong encryption on laptops and mobile devices to protect individual privacy.”]
Source: https://www.healthcareinfosecurity.com/analysis-calif-ag-report-on-adopting-security-controls-a-8901

