|
The Twenty Critical Security Controls for Effective Cyber Defense (commonly called the Consensus Audit Guidelines or CAG) is a publication of best practice guidelines for computer security. The project was initiated early in 2008 as a response to extreme data losses experienced by organizations in the US defense industrial base.〔("Gilligan Group Inc., CAG Background and Participants" )〕 The publication can be found on the (website ) of the SANS Institute. ==Contributors== The Consensus Audit Guidelines were compiled by a consortium of more than 100 contributors〔(James Tarala and Jennifer Adams, "The Consensus Audit Guidelines: Drastically Improve Security of HIT Systems" )〕 from US government agencies, commercial forensics experts and pen testers.〔(SANS Website, "20 Critical Security Controls" )〕 Authors of the initial draft include members of: *US National Security Agency Red Team and Blue Team *US Department of Homeland Security, US-CERT *US DoD Computer Network Defense Architecture Group *US DoD Joint Task Force – Global Network Operations (JTF-GNO) *US DoD Defense Cyber Crime Center (DC3) *US Department of Energy Los Alamos National Lab, and three other National Labs. *US Department of State, Office of the CISO *US Air Force *US Army Research Laboratory *US Department of Transportation, Office of the CIO *US Department of Health and Human Services, Office of the CISO *US Government Accountability Office (GAO) *MITRE Corporation *The SANS Institute〔 抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』 ■ウィキペディアで「Consensus audit guidelines」の詳細全文を読む スポンサード リンク
|