Secure Controls Framework

Defense in Depth is available at CISOSeries.com. Is the "free to use" Secure Controls Framework the one meta-framework to rule them all? Check out this post and discussion for the basis of our conversation on this week's episode which is co-hosted by me, David Spark (@dspark), the creator of CISO Series and Allan Alford (@AllanAlfordinTX), CISO at Mitel. Our guest is Tom Cornelius, founder and contributor of the Secure Controls Framework (SCF) (@scf_support). Thanks to this week’s podcast sponsor, SpyCloud Learn more about how you can protect employees and customers from account takeover with SpyCloud.

On this episode of Defense in Depth, you’ll learn: • Purpose of the Secure Controls Framework is to have a single framework to address multiple requirements. It's a meta framework that takes into consideration the controls of all other frameworks. • You only need to use the security controls that are important and relevant to you. For that reason, don't be daunted by the number of controls on SCF (currently 750). • You can have security without privacy, but you can't have privacy without security. Integrating privacy and security is critical to SCF.