Streamlining Cybersecurity: SANS Collective Controls Catalog & the Collective Risk Model

Streamlining Cybersecurity: SANS Collective Controls Catalog & the Collective Risk Model

I recently caught a fantastic SANS webcast comparing and contrasting leading IT security standards. The presenters did a great job highlighting the strengths of each, culminating in a “Collective Controls Catalog” that synthesizes the best practices from across the industry. This is an invaluable resource, and I’m grateful to SANS for making it publicly available. You can find it below. Credit goes to SANS for this excellent work.

2022 version of Collective Risk Model (CRM) is born from discussions among cybersecurity professionals – in video conferences, over meals at conferences, and through extensive email exchanges – the CRM represents a significant step forward in practical risk management. This formal release provides a simple yet powerful model that the cybersecurity community can use to effectively manage and mitigate risks. It’s exciting to see such collaborative efforts shaping the future of cybersecurity. Links below.

https://www.auditscripts.com/free-resources/collective-risk-project/

AuditScripts-Collective-Assessment-Tool-v2023a
Collective-Control-Catalog-Measures-v2023
Collective-Control-Catalog-v2023
Cybersecurity-Standards-Scorecard-2022-Edition

Comments are closed.