This resource is no longer available
SANS Survey: 20 Critical Security Controls
While many security standards and requirement frameworks have been developed to address risks to the enterprise, many of these have in turn just become exercises in reporting on compliance. After this was recognized as a serious problem by U.S. National Security Agency (NSA) in 2008, the Critical Security Controls (CSCs) where created.
In this SANS report, discover how organizations have responded to CSCs so far, and the implications it has on the future of security controls.