A list of the controls you need plus how to implement them

Prioritizing security measures is the first step toward accomplishing them, and the SANS Institute has created a list of the top 20 critical security controls businesses should implement.

They include some obvious steps, such as getting a comprehensive inventory of all network devices and software, implementing secure hardware configurations and providing for data recovery, but also gets into areas that are less evident.