Preventive controls strengthen the system against incidents, generally by reducing if not actually eliminating vulnerabilities. Strong authentication of cloud users, for instance, makes it less likely that unauthorized users can access cloud systems, and more likely that cloud users are positively identified.
Detective approaches complement preventive approaches as they enable the investigation not only of external risks, but also risks from within the Cloud Service Provider (CSP). Detective approaches can also be applied in a less invasive manner than preventive approaches.
These controls are intended to reduce attacks on a cloud system. Much like a warning sign on a fence or a property, deterrent controls typically reduce the threat level by informing potential attackers that there will be adverse consequences for them if they proceed.
Corrective controls reduce the consequences of an incident, normally by limiting the damage. They come into effect during or after an incident. Restoring system backups in order to rebuild a compromised system is an example of a corrective control.
Prepare, recognize, and effectively respond to security incidents by implementing early-recognition protocols and the right intelligence-driven security strategies. We can protect your data and apps in the cloud and across your entire IT infrastructure with our cloud security solutions. These solutions include managed security services; vulnerability management; governance, risk, and compliance management; and identity and access management.