Thursday, June 6, 2013

20 Critical Controls

I finished teaching the vLive version of MGT 512 yesterday and I think it was a good experience. This was the second time in a row the students hung around to chat after class and I treasure that. One of them brought up the 20 CC. He was concerned since he had five guys assigned to the project, but it seemed to be going slowly.

Maybe I was speaking out of school as they say, but I shared that it was slow going at SANS as well. He told me that really made him feel better.

Then he said what was freaking him out was attending a presentation from Dr. Eric Cole, where he said, the 20 CC, are really the minimum things we need to do to accomplish what is reasonable and prudent.

Smile. Such is the life of security, the bad guys only have to win every once in a while, we have to win every time.