How To Reduce Cyber Risks
A strong control environment design for cyber risks requires an understanding of the functions of the controls to be applied. In this article, I will briefly share my knowledge on this subject.
Unfortunately, despite all efforts, all systems host vulnerabilities waiting to be discovered by a malicious attacker or a clumsy employee. Who knows what will happen when the time comes…
Control Categories
Organizations also try to manage these threats with the exercising of administrative, physical, and technical controls within a pre-defined risk appetite through an integrated manner. Policies in the administrative control category indicate which technical and physical controls should be applied, to what extent, and how. Technical controls, with their compelling algorithms, ensure that high-level definitions in policies/procedures are applied or keep notes on the extent to which they are applied. And of course, the presence of solid physical controls is also a must. Otherwise, someone may carry the data you protect with supersonic technologies along with the servers they are in.
