Cyber Periodic Table of 50 Enterprise Controls
The material provides historic context, a broad overview, and specific vendors for each control. If you are new to or interested in the field of cybersecurity, I recommend much of the information contained in the first paper (volume 1). At 388 pages, it might be too long for a casual reader. However, roughly half the content is cybersecurity vendor lists, which are easily skimmed or skipped altogether. You should finish with a fair understanding of controls common in the industry.
Experienced practitioners are likely to discover one or more new vendors from a control outside their core expertise. Likewise, the detail may be a helpful survey to begin researching an unfamiliar control. The information is different from a Forrester Wave or Gartner Magic Quadrant.
Application Security is relegated to a single control, categorized as a peer to Forensics and PCI-Compliance. This struck me as unusual, given the importance and scope of application security. I would argue Application Security should be classified as peer to the Network and Endpoint control categories.
Regardless, the material is well structured and covers an unusually broad array of topics. It is a valuable contribution provided free to the cybersecurity community. Thanks, Edward!
Sources:
50 Enterprise Security Controls: Practical reference for the working cybersecurity professional
Industry Interviews: Leading professionals from cybersecurity vendors
Vendor Listings: 1,337 security vendors mapped to the 50 controls