Leidos Supports the Council on Cybersecurity In Updating the 20 Critical Security Controls
Critical Controls Provide a Proven Approach for Security Practitioners
RESTON, Va., March 17, 2014 /PRNewswire/ — Leidos [NYSE: LDOS], a national security, health and engineering solutions company, supported the Council on CyberSecurity in updating the 20 Critical Security Controls as part of a panel to update and maintain these controls. The Critical Controls are a practical framework for increasing an organization’s security posture, and provide a much needed prioritization approach to guide the selection of security expenditures in resource-constrained environments. This allows organizations to identify a clear path forward for the mitigation of the most critical risks within their systems.
The Critical Controls provide a proven approach for security practitioners. They are used to quickly establish risk mitigations within an existing network or system while at the same time providing a long-term roadmap for the application of more advanced mitigations. They can also be used to aid in the design and development of new Information Technology systems by building defensive controls into these systems from the start.
Advances in technology related to cloud computing, mobility and the rise of the ‘Internet of Things’ require security controls that keep pace with evolving risks and challenges. Enterprises must also synthesize widespread policy guidance and standards into a holistic cybersecurity strategy. This is often a complex and time-consuming task.
“Organizations are well-served by community efforts to provide practical guidance that is continuously evaluated for updates and is mapped to recognized standards and policies,” said Tony Sager, Chief Technologist for the Council on CyberSecurity. “The Critical Controls apply across industries, and the mapping work produced by the Council on CyberSecurity is critical to allowing diverse organizations to make use of the recommended controls.”
“Leidos is pleased to have supported the update of the Critical Controls published by the Council on CyberSecurity,” said Sam Gordy, Leidos Integrated Systems Group president. “We strongly support the continued adoption of the Critical Controls across industries and will continue to use them as a standardized framework for defining secure system architectures within critical infrastructure and the government.”
“We’re happy to see that the Critical Controls are constantly being evaluated to ensure that they keep up to date with advances in technology,” added Brian Russell, Leidos chief engineer for cybersecurity solutions. “Leidos strongly encourages both government and commercial organizations to review and incorporate the Critical Controls into their cybersecurity planning activities.”
Leidos is a science and technology solutions leader working to address some of the world’s toughest challenges in national security, health, and engineering. The Company’s 23,000 employees support vital missions for our government and the commercial sector, develop innovative solutions to drive better outcomes, and defend our Nation’s digital and physical infrastructure from ‘new world’ threats. Leidos is headquartered in Reston, Va. and had approximately $6 billion in revenues for fiscal year 2013, on a pro forma basis, following the spin-off of the company’s technical, engineering and enterprise IT business on Sept. 27, 2013. For more information, visit www.Leidos.com.
About the Council on CyberSecurity
The Council on CyberSecurity is an independent, expert, not-for-profit organization with a global scope committed to the security of an open Internet. The Council is committed to the ongoing development and widespread adoption of the Critical Controls, to elevating the competencies of the cybersecurity workforce, and to the development of policies that lead to measurable improvements in our ability to operate safely, securely and reliably in cyberspace. For more information, visit the website at www.CouncilonCyberSecurity.org.
Jennifer Gephart, Leidos