<aside> <img src="/icons/lock-keyhole_gray.svg" alt="/icons/lock-keyhole_gray.svg" width="40px" /> Security controls refers to any type of safeguard of countermeasure used to avoid, detect, counteract or minimize security risks to physical property, information, computer systems or other assets

</aside>

There are 6 basic types of security controls:

• Preventive controls
  • Proactive measures implemented to thwart potential security threats or breaches
• Deterrent controls
  • Discourage potential attackers by making the effort seem less appealing or more challenging
• Detective controls
  • Monitor and alert organizations to malicious activities as they occur or shortly thereafter
• Corrective controls
  • Mitigate any potential damage and restore systems to their normal state
• Compensating controls
  • Alternative measures that are implemented when primary security controls are not feasible or effective
• Directive controls
  • Guide, inform, or mandate actions
  • Often rooted in policy or documentation and set the standards for behavior within an organization