Top 10 Mitigation steps in information security

A simple 4-step model for information security

  1. Maintaining & Monitoring IT resource/asset integrity
  2. Preparing for & Limiting damage/loss in the course of an attack
  3. Proper Access control/Authentication & Authorization
  4. Secure Data Communication

Top 10 steps to mitigation

  1. Application Whitelisting
  2. Training & Awareness
  3. Proper Admin Privilege control & monitoring
  4. Anti-Virus File Recommendations for Cloud interactions
  5. Use of HIPS, i.e. Host Intrusion Prevention System, Rules
  6. Configure a secure host baseline
  7. Web-Domain, i.e. DNS, Trusted Ratings
  8. Keep systems updated always
  9. Secure Architecture planning & revision
  10. Incident Log review and monitoring process setup

Courtesy: https://www.nsa.gov/ia/_files/factsheets/I43V_Slick_Sheets/Slicksheet_Top10IAMitigationStrategies_Web.pdf
