Security controls can be categorized by the time they can be implemented in accordance to the incident. What are those categorizations?
To help examine or design security controls, they can be categorized by several criteria, very commonly, the duration of time that they act in response to a security incident:
- Before the event: preventive controls are purposed to prevent an incident from occurring; for example, using video monitors to watch for trespassers.
- During the event: detective controls are intended to identify and assess an incident in progress; for example, triggering an intruder alarm and alerting authorities.
- After the event: corrective controls are intended to minimize damage caused by the incident; for example, returning the organization to normal working status as efficiently as possible.