***
Skip to content

Protect (Cybersecurity Controls)

Cybersecurity Contexts Detect (Cybersecurity Monitoring) Govern (Cybersecurity Governance) Identify (Cybersecurity Understanding) Protect (Cybersecurity Controls) Application & API Security Backup & Resilience Controls Data Protection Identity & Access Management (IAM) Network Security & Segmentation Privileged Access Management (PAM) Secure Configuration & Hardening Security Awareness & Training Recover (Cybersecurity Recovery) Respond (Cybersecurity Incident Response) Data Flow & Lineage Mapping
Cybersecurity Contexts Detect (Cybersecurity Monitoring) Govern (Cybersecurity Governance) Identify (Cybersecurity Understanding) Protect (Cybersecurity Controls) Application & API Security Backup & Resilience Controls Data Protection Identity & Access Management (IAM) Network Security & Segmentation Privileged Access Management (PAM) Secure Configuration & Hardening Security Awareness & Training Recover (Cybersecurity Recovery) Respond (Cybersecurity Incident Response) Data Flow & Lineage Mapping
New to this diagram? Learn about the method: Use Case Tree · Use Case · Outcome

Protect covers the preventative measures that reduce the likelihood of compromise and limit the blast radius when something goes wrong, balancing risk reduction with operational practicality.

Protection is about reducing business risk by putting effective controls in place where they matter most.

Outcomes

  • Reduced probability of successful attacks
  • Smaller impact when incidents occur (segmentation, least privilege)
  • Fewer security exceptions and more consistent control adoption
  • Stronger resilience against common threats (e.g., ransomware)

What this includes

  • Identity and access management (IAM) and privileged access management (PAM)
  • Secure configuration and hardening, including patching practices
  • Application and API security controls
  • Data protection (encryption, key management, data loss prevention)
  • Network security and segmentation
  • Security awareness and training
  • Backup and resilience controls