From the course: IT and Cybersecurity Risk Management Essential Training
Implementing controls
- [Instructor] My perspective on implementing controls comes largely from my experiences working as a chief information security officer. When I operationalized our security policies, I realized there were three types of controls based on the area of impact: administrative, infrastructure, and workforce. An administrative control is usually non-technical, and typically happens behind the scenes from the perspective of a workforce member. A common example would be the addition of cybersecurity requirements to a subcontractor agreement. In contrast, an infrastructure control is technical in nature, but it also typically happens behind the scenes. Increasing the strength of an encrypted network connection used by hundreds or thousands of people isn't generally visible to them. But implementing a workforce control is risky, and can cause all kinds of chaos. One of my biggest concerns was how new or modified controls…