What Are Controls?
Controls are safeguards or countermeasures implemented to manage risks and protect assets. Cybersecurity controls can be technical, administrative, or physical and are designed to reduce vulnerabilities, prevent threats and ensure confidentiality, integrity and availability of information.
The most common types of controls are:
- Technical controls. This include firewalls, encryption, access controls and intrusion detection systems.
- Administrative controls. This encompass policies, procedures, training and incident response plans.
- Physical controls. This involve locks, security guards, surveillance cameras and facility access restrictions.