After this lesson, you will be able to: Apply Protect: access control, data security, security training.
Protect is the largest CSF function. Access control, data security, awareness, maintenance, protective tech. Most security spend lands here.
Access Control (PR.AC). IAM, MFA, least privilege. Awareness & Training (PR.AT), phishing sims, role-based training. Data Security (PR.DS), encryption, integrity. Information Protection Processes (PR.IP), baselines, change mgmt. Maintenance (PR.MA), patching, asset upkeep. Protective Technology (PR.PT), logging, removable media controls.
1. MFA everywhere (start with admins).
2. Patch SLA defined and tracked.
3. Encrypt data at rest + in transit.
4. Annual phishing sim + remedial training.
5. Log everything (centralize for Detect).
6. Backups, 3-2-1, tested.
Many orgs over-invest in fancy Protect tools while basics (MFA, patching) lag. Diminishing returns. Audit the basics first.
Sign in and purchase access to unlock this lesson.