14.9: Conduct Role-Specific Security Awareness and Skills Training

CSF v1.1 References:

CSF v2.0 References:

PF v1.0 References:


Previous Version:

Control Statement

Conduct role-specific security awareness and skills training. Example implementations include secure system administration courses for IT professionals, OWASP® Top 10 vulnerability awareness and prevention training for web application developers, and advanced social engineering awareness training for high-profile roles.

[csf.tools Note: For more information on the Critical Security Controls, visit the Center for Internet Security.]