Based on the definition given, discuss how you would approach performing a vulnerability assessment for a company that is in the process of implementing the current Top 20 Controls, with the goal of assisting them in prioritizing which controls to start with.

The California Attorney General released the “2016 Data Breach Report” in February 2016, covering reported data breaches in California over four years, 2012 – 2015. The primary recommendation in the report, is to implement the CIS Top 20 Critical Security Controls, and it also includes a definition of “Reasonable Security” (see page v of the report) which companies should be providing to protect customer data. Based on the definition given, discuss how you would approach performing a vulnerability assessment for a company that is in the process of implementing the current Top 20 Controls, with the goal of assisting them in prioritizing which controls to start with.

LINKS:
2016 DATA BREACH REPORT – https://www.oag.ca.gov/sites/all/files/agweb/pdfs/dbr/2016-data-breach-report.pdf

CIS TOP 20 CONTROLS- https://www.cisecurity.org/controls/cis-controls-list

Last Completed Projects

topic title academic level Writer delivered