Information Security Mitigation Lists

Last week the Australian Department of Defence released a list of 35 mitigations that are the best hope for stopping or mitigating the targeted attacks that are decimating government and industry around the world. US-CERT (United States Computer Emergency Readiness Team) also released a similar list of recommendations intended to “enhance existing security programs.”

I think any organization can implement all or some of these recommendations depending on the type and amount of information they need to protect. Some of the recommendations are strategic, but others are common measures that we’ve been discussing for years, such as using strong passwords and changing them on a regular basis, filtering email, and making sure all systems have up-to-date patches and are scanning for viruses.

Take a look for yourself and see if you are already doing any of them in your area.


About MIT
IT Security Awareness Consultant and Communications Specialist at MIT
