{"id":2843,"date":"2022-03-09T17:38:03","date_gmt":"2022-03-09T16:38:03","guid":{"rendered":"https:\/\/kalweit-its.de\/2022\/03\/the-overlooked-danger-selection-of-security-controls\/"},"modified":"2023-02-24T13:00:55","modified_gmt":"2023-02-24T12:00:55","slug":"the-overlooked-danger-selection-of-security-controls","status":"publish","type":"post","link":"https:\/\/kalweit-its.de\/en\/the-overlooked-danger-selection-of-security-controls\/","title":{"rendered":"The Overlooked Danger: Selection of Security Controls"},"content":{"rendered":"\n

There are so many fast routes to establish security management as well as controls that the risks of going by the book might be overlooked. It is easy to use frameworks, standards like ISO 27001 or other regulatory requirements and never get into the habit of continuous improvement. For this very reason, this article explores the process for selecting security controls, the industry best practices and some experiences along the way.<\/p>\n\n

To lay out a plan for getting a strong table of security controls, we have written a whitepaper that explains the process of selecting security controls in detail, based on the internationally used NIST Risk Management Framework and Special Publication 800-53. The paper includes all the steps needed to complete a list of selected controls, along with examples, industry experience and widespread misconceptions, so that you can implement this process optimally in your risk or information security processes. It also contains a full example of what the result of this process would look like. You can find the whitepaper by following this link:<\/p>\n\n

Whitepaper Overlooked Danger – Selection of Security Controls<\/a><\/p>\n\n

The summary<\/h2>\n\n

The process for selecting security controls is widely known but often overlooked, or scheduled for after the first results are in. Improvement can happen even before compliance, however, so the selection process starts right at the beginning of setting up an ISMS. The selection of security controls consists of three steps: selecting a minimum baseline, identifying common controls, and selecting hybrid and system-specific controls. Each step should be taken carefully for optimal effectiveness of the security program. Following the process described in the NIST Risk Management Framework, the result should be stated in a security plan, but any other document would also suffice. An example of such a document can be found at the end of the whitepaper.<\/p>\n","protected":false},"excerpt":{"rendered":"

There are so many fast routes to establish security management as well as controls that the risks of going by the book might be overlooked. It is easy to use frameworks, standards like ISO 27001 or other regulatory requirements and never get into the habit of continuous improvement. For this very reason, this article explores […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[11],"tags":[],"class_list":["post-2843","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"yoast_head":"\nThe Overlooked Danger: Selection of Security Controls - KALWEIT ITS GmbH<\/title>\n<meta name=\"description\" content=\"The overlooked danger: selection of security controls. Find out more here and arrange an initial consultation.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/kalweit-its.de\/en\/the-overlooked-danger-selection-of-security-controls\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"The Overlooked Danger: Selection of Security Controls - KALWEIT ITS GmbH\" \/>\n<meta property=\"og:description\" content=\"The overlooked danger: selection of security controls. 
Find out more here and arrange an initial consultation.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/kalweit-its.de\/en\/the-overlooked-danger-selection-of-security-controls\/\" \/>\n<meta property=\"og:site_name\" content=\"KALWEIT ITS GmbH\" \/>\n<meta property=\"article:published_time\" content=\"2022-03-09T16:38:03+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-02-24T12:00:55+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/kalweit-its.de\/wp-content\/uploads\/2022\/03\/591.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"960\" \/>\n\t<meta property=\"og:image:height\" content=\"640\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"faberandfriends\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"faberandfriends\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/kalweit-its.de\/en\/the-overlooked-danger-selection-of-security-controls\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/kalweit-its.de\/en\/the-overlooked-danger-selection-of-security-controls\/\"},\"author\":{\"name\":\"faberandfriends\",\"@id\":\"https:\/\/kalweit-its.de\/en\/#\/schema\/person\/916c49e20957f9f2325c9357b6899659\"},\"headline\":\"The Overlooked Danger: Selection of Security Controls\",\"datePublished\":\"2022-03-09T16:38:03+00:00\",\"dateModified\":\"2023-02-24T12:00:55+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/kalweit-its.de\/en\/the-overlooked-danger-selection-of-security-controls\/\"},\"wordCount\":312,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/kalweit-its.de\/en\/#organization\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/kalweit-its.de\/en\/the-overlooked-danger-selection-of-security-controls\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/kalweit-its.de\/en\/the-overlooked-danger-selection-of-security-controls\/\",\"url\":\"https:\/\/kalweit-its.de\/en\/the-overlooked-danger-selection-of-security-controls\/\",\"name\":\"The Overlooked Danger: Selection of Security Controls - KALWEIT ITS GmbH\",\"isPartOf\":{\"@id\":\"https:\/\/kalweit-its.de\/en\/#website\"},\"datePublished\":\"2022-03-09T16:38:03+00:00\",\"dateModified\":\"2023-02-24T12:00:55+00:00\",\"description\":\"The overlooked danger: selection of security controls. 
Find out more here and arrange an initial consultation.\",\"breadcrumb\":{\"@id\":\"https:\/\/kalweit-its.de\/en\/the-overlooked-danger-selection-of-security-controls\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/kalweit-its.de\/en\/the-overlooked-danger-selection-of-security-controls\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/kalweit-its.de\/en\/the-overlooked-danger-selection-of-security-controls\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Startseite\",\"item\":\"https:\/\/kalweit-its.de\/en\/home\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"The Overlooked Danger: Selection of Security Controls\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/kalweit-its.de\/en\/#website\",\"url\":\"https:\/\/kalweit-its.de\/en\/\",\"name\":\"KALWEIT ITS GmbH\",\"description\":\"Unabh\u00e4ngige Unternehmensberatung f\u00fcr IT-Sicherheit\",\"publisher\":{\"@id\":\"https:\/\/kalweit-its.de\/en\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/kalweit-its.de\/en\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/kalweit-its.de\/en\/#organization\",\"name\":\"KALWEIT ITS GmbH\",\"url\":\"https:\/\/kalweit-its.de\/en\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalweit-its.de\/en\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/kalweit-its.de\/wp-content\/uploads\/2022\/03\/Kalweit-ITS-Logo.svg\",\"contentUrl\":\"https:\/\/kalweit-its.de\/wp-content\/uploads\/2022\/03\/Kalweit-ITS-Logo.svg\",\"width\":701,\"height\":81,\"caption\":\"KALWEIT ITS 
GmbH\"},\"image\":{\"@id\":\"https:\/\/kalweit-its.de\/en\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.linkedin.com\/company\/kalweit-its\/\",\"https:\/\/www.instagram.com\/kalweit.its\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/kalweit-its.de\/en\/#\/schema\/person\/916c49e20957f9f2325c9357b6899659\",\"name\":\"faberandfriends\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalweit-its.de\/en\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/4f0fccb1a1f41f5c6b7ddedf7aceef3b?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/4f0fccb1a1f41f5c6b7ddedf7aceef3b?s=96&d=mm&r=g\",\"caption\":\"faberandfriends\"},\"sameAs\":[\"https:\/\/kalweit-its.de\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"The Overlooked Danger: Selection of Security Controls - KALWEIT ITS GmbH","description":"The overlooked danger: selection of security controls. Find out more here and arrange an initial consultation.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/kalweit-its.de\/en\/the-overlooked-danger-selection-of-security-controls\/","og_locale":"en_US","og_type":"article","og_title":"The Overlooked Danger: Selection of Security Controls - KALWEIT ITS GmbH","og_description":"The overlooked danger: selection of security controls. 
Find out more here and arrange an initial consultation.","og_url":"https:\/\/kalweit-its.de\/en\/the-overlooked-danger-selection-of-security-controls\/","og_site_name":"KALWEIT ITS GmbH","article_published_time":"2022-03-09T16:38:03+00:00","article_modified_time":"2023-02-24T12:00:55+00:00","og_image":[{"width":960,"height":640,"url":"https:\/\/kalweit-its.de\/wp-content\/uploads\/2022\/03\/591.jpg","type":"image\/jpeg"}],"author":"faberandfriends","twitter_card":"summary_large_image","twitter_misc":{"Written by":"faberandfriends","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/kalweit-its.de\/en\/the-overlooked-danger-selection-of-security-controls\/#article","isPartOf":{"@id":"https:\/\/kalweit-its.de\/en\/the-overlooked-danger-selection-of-security-controls\/"},"author":{"name":"faberandfriends","@id":"https:\/\/kalweit-its.de\/en\/#\/schema\/person\/916c49e20957f9f2325c9357b6899659"},"headline":"The Overlooked Danger: Selection of Security Controls","datePublished":"2022-03-09T16:38:03+00:00","dateModified":"2023-02-24T12:00:55+00:00","mainEntityOfPage":{"@id":"https:\/\/kalweit-its.de\/en\/the-overlooked-danger-selection-of-security-controls\/"},"wordCount":312,"commentCount":0,"publisher":{"@id":"https:\/\/kalweit-its.de\/en\/#organization"},"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/kalweit-its.de\/en\/the-overlooked-danger-selection-of-security-controls\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/kalweit-its.de\/en\/the-overlooked-danger-selection-of-security-controls\/","url":"https:\/\/kalweit-its.de\/en\/the-overlooked-danger-selection-of-security-controls\/","name":"The Overlooked Danger: Selection of Security Controls - KALWEIT ITS GmbH","isPartOf":{"@id":"https:\/\/kalweit-its.de\/en\/#website"},"datePublished":"2022-03-09T16:38:03+00:00","dateModified":"2023-02-24T12:00:55+00:00","description":"The overlooked 
danger: selection of security controls. Find out more here and arrange an initial consultation.","breadcrumb":{"@id":"https:\/\/kalweit-its.de\/en\/the-overlooked-danger-selection-of-security-controls\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/kalweit-its.de\/en\/the-overlooked-danger-selection-of-security-controls\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/kalweit-its.de\/en\/the-overlooked-danger-selection-of-security-controls\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Startseite","item":"https:\/\/kalweit-its.de\/en\/home\/"},{"@type":"ListItem","position":2,"name":"The Overlooked Danger: Selection of Security Controls"}]},{"@type":"WebSite","@id":"https:\/\/kalweit-its.de\/en\/#website","url":"https:\/\/kalweit-its.de\/en\/","name":"KALWEIT ITS GmbH","description":"Unabh\u00e4ngige Unternehmensberatung f\u00fcr IT-Sicherheit","publisher":{"@id":"https:\/\/kalweit-its.de\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/kalweit-its.de\/en\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/kalweit-its.de\/en\/#organization","name":"KALWEIT ITS GmbH","url":"https:\/\/kalweit-its.de\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalweit-its.de\/en\/#\/schema\/logo\/image\/","url":"https:\/\/kalweit-its.de\/wp-content\/uploads\/2022\/03\/Kalweit-ITS-Logo.svg","contentUrl":"https:\/\/kalweit-its.de\/wp-content\/uploads\/2022\/03\/Kalweit-ITS-Logo.svg","width":701,"height":81,"caption":"KALWEIT ITS 
GmbH"},"image":{"@id":"https:\/\/kalweit-its.de\/en\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.linkedin.com\/company\/kalweit-its\/","https:\/\/www.instagram.com\/kalweit.its\/"]},{"@type":"Person","@id":"https:\/\/kalweit-its.de\/en\/#\/schema\/person\/916c49e20957f9f2325c9357b6899659","name":"faberandfriends","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalweit-its.de\/en\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/4f0fccb1a1f41f5c6b7ddedf7aceef3b?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4f0fccb1a1f41f5c6b7ddedf7aceef3b?s=96&d=mm&r=g","caption":"faberandfriends"},"sameAs":["https:\/\/kalweit-its.de"]}]}},"_links":{"self":[{"href":"https:\/\/kalweit-its.de\/en\/wp-json\/wp\/v2\/posts\/2843"}],"collection":[{"href":"https:\/\/kalweit-its.de\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kalweit-its.de\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kalweit-its.de\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kalweit-its.de\/en\/wp-json\/wp\/v2\/comments?post=2843"}],"version-history":[{"count":2,"href":"https:\/\/kalweit-its.de\/en\/wp-json\/wp\/v2\/posts\/2843\/revisions"}],"predecessor-version":[{"id":2858,"href":"https:\/\/kalweit-its.de\/en\/wp-json\/wp\/v2\/posts\/2843\/revisions\/2858"}],"wp:attachment":[{"href":"https:\/\/kalweit-its.de\/en\/wp-json\/wp\/v2\/media?parent=2843"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kalweit-its.de\/en\/wp-json\/wp\/v2\/categories?post=2843"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kalweit-its.de\/en\/wp-json\/wp\/v2\/tags?post=2843"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}