For all the years of hard work, the DBIR can finally have some standardized controls, as a treat.
To be fair, this is simply a new take on an old approach. If you were to take out the 2014 version of the DBIR, blow the dust off of the cover and glance through the findings, you’ll see an effort that we undertook to help standardize our approach to talking about defense and controls.
In this effort, we aligned our findings with the Center for Internet Security (CIS) Critical Security Controls (version 6 at the time) to provide you, our most devoted and loyal readers, with a way to match our findings to your security efforts. You may (or may not) be happy to hear that we’ve revisited our earlier attempt to help provide you with the same types of integration and assist you with tying your security program prioritization to our data.