Safeguards
Safeguards are the things that reduce risk and increase resilience.
Definition
A safeguard is any policy, process, architecture, behavior, technology, or activity that protects assets, reduces likelihood, reduces impact, improves detection, or improves recovery.
Common safeguard families
| Safeguard family | Examples |
|---|---|
| Administrative | Policy, standard, procedure, training |
| Identity | MFA, least privilege, access review, privileged access management |
| Data | Classification, encryption, retention, loss prevention |
| Endpoint | Hardening, EDR, patching, device management |
| Network | Segmentation, DNS control, secure access, traffic inspection |
| Application | Secure SDLC, testing, code review, secrets management |
| Resilience | Backup, recovery plan, continuity plan, tabletop exercise |
| Monitoring | Logging, alerting, detection rules, case management |
Safeguard page pattern
A safeguard article should answer:
- What asset does it protect?
- What risk does it reduce?
- What weakness does it address?
- What evidence proves it exists and operates?
- Who owns it?