Technical control is just one of the security measures. There are much surrounding elements to take care in order to secure. This includes but not limited to:
- Understand the security objective
- Design with optimal controls
- Deploy with the viable measures (be it technical, administrative or management controls)
- Verify if controls are deployed per design
- Sustain the effectiveness of the controls
Most often, security practitioners are focusing on technical controls with micro management. They forget the bigger picture where the technology stands in the entire business landscape.