Print this chapterPrint this chapter

Risk Management

Instruction

Security Control Selection Principles

The total cost of a control includes the following:

  1. Selection

  2. Construction and replacement

  3. Acquisition (materials and mechanisms)

  4. Maintenance and testing

  5. Non-trivial operating cost

  6. Potential side effects

  7. Environmental modifications

  8. Impact on operations
Read the article, Critical Security Controls for Effective Cyber Defense, which lists the top twenty security controls as derived from the most common attack patterns.