A growing number of organizations are looking for ways to help make sure they’re using the right security controls to prevent a data breach or speed up detection of a compromise. The SANS 20 Critical Security Controls guidance offers technical controls, not processes, rather than processes. A successful rollout requires winning management support, designing processes to support the technology and regularly assessing whether the controls are effective. Getting support from top management is critical when implementing technical controls is critical, says J.J. Thompson, CEO of Rook Consulting.”]
Source: https://www.cuinfosecurity.com/making-most-technical-controls-a-6095