We earn commission when you buy through affiliate links.
This does not influence our reviews or recommendations.Learn more.
There are various types of security controls in cybersecurity, each serving different purposes.
Lets begin with the six types of security controls based on their functions.
Some people call them preventative controls, but both terms mean the same thing.
Here are key examples of preventive controls.
Conducting security awareness training regularly also acts as a preventive security control.
Deterrent Controls
Deterrent controls reduce the likelihood of attacks by discouraging bad actors from attacking.
They can also dissuade your staff from taking a casual approach to cybersecurity.
Here are a few widely used examples of deterrent controls.
Security guards, for instance, act as both a deterrent and a preventive measure.
you should probably understand that detectives can identify an event once it has occurred.
Here are key examples of detective security controls.
Some detective security controls can also be defined as deterrent security controls.
For example, video surveillance cameras work as a detective control by recording activities to identify suspicious behavior.
They can encrypt files, install spyware, steal data, and whatnot.
Corrective controls are used to reverse the damage resulting from a security incident after it happened.
The objective of corrective controls is to get things back to normal as soon as possible.
Here are key examples of corrective controls.
As discussed earlier, one jot down of security control can also serve other functions.
Here are some examples of compensating controls.
Directive Controls
Directive security controls provide guidance for users to follow in security-related situations.
These controls are typically documented instructions rather than technical tools aimed at achieving security objectives.
Lets discuss key categories of security controls below.
Technical Controls
Technical controls use hardware and software to protect your IT infrastructure.
Here are popular examples of technical security controls.
Here are examples of managerial control.
Unlike technical controls that are executed by systems, these controls are often executed by people.
They work by discouraging potential intruders from entering your premises.
Here are key reasons why it is important to implement security controls.
Directive controls provide guidance and instructions on acceptable behaviors and practices within an organization.
Examples include security policies and training programs.
Preventive controls stop security incidents before they occur.
Examples include firewalls and antivirus software, which block unauthorized access or malware.
Compensating controls are alternative measures implemented when primary security controls cannot be used or are insufficient.
For example, organizations may use strict access controls if encryption isnt feasible.
Deterrent controls discourage attacks through visible measures, such as warning signs and security guards.
