1
Manage risks
Assess the risks to your organization's information and systems by incorporating an appropriate risk management regime.2
Secure Configuration
Develop a strategy to remove or disable unnecessary system functionality and quickly remediate known vulnerabilities by applying patches.3
Secure your network
Reduzca las posibilidades de que sus sistemas y tecnologías sean atacados creando e implementando políticas simples y respuestas arquitectónicas y técnicas apropiadas.4
Manage privileges
All users must have a reasonable (but minimum) level of privileges and system rights necessary for their role.5
Manage incidents
Every organization will experience security incidents at some point. Investing in creating effective incident management policies and processes will improve resilience.6
Users education
It is important to educate staff about potential cyber risks to ensure users can do their jobs and help keep the organization secure.7
Prevent malware
Any exchange of information carries a degree of risk that malware may be exchanged, which could seriously impact your systems and services.8
Monitor your organization
It aims to detect actual or attempted attacks on business systems and services. It is a key capability required to meet legal or regulatory requirements.9
Control removable devices
Limit media types and usage. Scan all media for malware before importing into the corporate system.10
Work from home
Risk-based policies and procedures should be created to support mobile working or remote access to systems that are relevant to users.
