novainfosec.com
Extending the 20 CSCs to Gap Assessments & Security Models
At the ShmooCon Firetalks this year John “@pinfosec” Willis gave an interesting talk where he discussed the 20 Critical Security Controls (CSC) and how it could be adapted into a security maturity …