Cyber Security controls types and functions
Understanding the Five Security Controls and the Spheres of Information Security

In the ever-evolving landscape of information security, it's crucial to have a comprehensive understanding of the various security controls and the broader framework in which they operate. This article aims to shed light on the five essential security controls and the concept of Sphere of Use and Sphere of Protection, which are paramount in safeguarding sensitive data and systems.


1. Directive Controls - Setting the Rules

Directive controls, often in the form of policies and guidelines, serve as the foundation of any robust security strategy. These controls establish the rules and standards that an organization must follow to maintain a secure environment.


2. Deterrent Controls - Discouraging Potential Threats

Deterrent controls work on a psychological level, dissuading potential attackers from attempting unauthorized intrusions. These controls convey the message that security is a top priority and that any breach attempts will be met with swift and decisive action.


3. Preventative Controls - Stopping Threats in Their Tracks

Preventative controls encompass a wide range of security measures designed to prevent unauthorized activities. They can be categorized into three main types:

  • Physical Controls: Examples include fences, locks, and alarm systems.
  • Technical Controls: These involve antivirus software, firewalls, and intrusion prevention systems (IPSs).
  • Administrative Controls: Measures such as separation of duties, data classification, and auditing.


4. Compensating Controls - Restoring Functionality

While not preventing attacks, compensating controls ensure that the system can recover and continue functioning after an incident. These controls may involve using data backups or alternative sites to maintain operations.


5. Detective Controls - Identifying and Alerting to Threats

Detective controls are crucial for identifying and alerting to unauthorized activity, whether it's in progress or after the fact. They come in various forms:

  • Physical Examples: Alarms and notifications from physical sensors like door and fire alarms.
  • Technical Examples: Intrusion detection systems (IDSs) and honeypots that monitor network traffic for suspicious activity.


6. Corrective Controls - Repairing and Restoring

Corrective controls are deployed after an unauthorized or unwanted activity has occurred. They aim to repair damage and restore resources and capabilities to their previous state. Examples include patching systems, quarantining viruses, and incident response plans.


Sphere of Use and Sphere of Protection - Building a Holistic Security Strategy

Understanding the spheres of information security is crucial for developing a comprehensive security strategy:

  • Sphere of Use: This forms the foundation of the model, dividing information security into people-centric and technology-centric mechanisms. It visualizes technology mechanisms as layers, with data at the core, protected by systems, networks, and internet access controls.
  • Sphere of Protection: This is a more detailed version of the framework, labeling the "what," "where," and "how" of protection. It identifies the specific security measures involved, where they are located in the system, and how redundancies are built in to prevent breaches in case one mechanism fails.


In conclusion, understanding the five security controls and the Sphere of Use and Sphere of Protection is paramount for any organization seeking to fortify its information security posture. By implementing a well-rounded security strategy that incorporates these principles, businesses can better protect their sensitive data and maintain the integrity of their systems in an increasingly interconnected world.
