All Articles

Top 10 Mitigation steps in information security

Posted by pritha on April 29, 2015 at 5:47am

A simple 4-step model to information security

Maintaining & Monitoring IT resource/asset integrity
Preparing & Limiting damage/loss in the course of attack
Proper Access control/Authentication & Authorization
Secure Data Communication

Top 10 steps to mitigation

Application Whitelisting
Training & Awareness
Proper Admin Privilege control & monitoring
Anti-Virus File Recommendations for Cloud interactions
Use of HIPSi.e.Host Intrusion Prevention System Rules
Configure secure host baseline
Web-Domain i.e. DNS Trusted Ratings
Updated systems always
Secure Architecture planning & revise
Incident Log review and monitoring process setup

Courtesy: https://www.nsa.gov/ia/_files/factsheets/I43V_Slick_Sheets/Slicksheet_Top10IAMitigationStrategies_Web.pdf

★

Votes: 0

E-mail me when people leave their comments –

Posted by pritha

Community Head, CISO Platform

You need to be a member of CISO Platform to add comments!

Join CISO Platform

Join The Community Discussion

Top Breaches in Cyber Security in 2025 – upcoming live panel

Posted by Matthew Rosenquist on January 6, 2026 at 12:15pm in Podcast

Weekly CISO Podcast Pick – Why Cyber Risk Fails: What CISOs Should Do Instead

Posted by Biswajit Banerjee on January 8, 2026 at 5:38pm in Blog

Navigating Cybersecurity in 2026: A Deep Dive into Trends, Statistics and Strategies for Enterprises, SMBs & BFSI/NBFCs

Posted by Denise on January 8, 2026 at 3:36am in Blog

Daily Breach Intelligence 26 November 2025 - Dartmouth College has confirmed that its Oracle EBS instance was compromised; New Critical CVE with unauthenticated RCE in broadcast infrastructure..

Posted by pritha on November 26, 2025 at 2:06am in Blog

CISO Platform

A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.

Join CISO Community Share Your Knowledge (Post A Blog)

Atlanta Chapter Meet: Build the Pen Test Maturity Model (Virtual Session)

Jan 14, 2026 at 7:30pm to Feb 25, 2026 at 9:00pm UTC+5.5

Online

Description:
The Atlanta Pen Test Chapter has officially begun and is now actively underway.

Atlanta CISOs and security teams have kicked off Pen Test Chapter #1 (Virtual), an ongoing working series focused on drafting Pen Test Maturity Model v0.1, designed for an intel-led, exploit-validated, and AI-assisted security reality. The chapter was announced at …
Created by: Biswajit Banerjee
Tags: ciso, pen testing, red team, security leadership

The Insider Risk Summit (West)

Mar 18, 2026 at 10:00am to Mar 19, 2026 at 6:00pm PDT

Monterey, CA

Description:
Created by: pritha
Tags: insider risk summit, monterey, california

#xg { position:relative;top:120px; } #xn_bar { top:120px; }

Hello, you need to enable JavaScript to use CISO Platform.

Please check your browser settings or contact your system administrator.