17.9: Establish and Maintain Security Incident Thresholds

CSF v1.1 References:

CSF v2.0 References:


Previous Version:

Control Statement

Establish and maintain security incident thresholds, including, at a minimum, differentiating between an incident and an event. Examples can include: abnormal activity, security vulnerability, security weakness, data breach, privacy incident, etc. Review annually, or when significant enterprise changes occur that could impact this Safeguard.

[csf.tools Note: For more information on the Critical Security Controls, visit the Center for Internet Security.]