CIS Controls Series
Today’s blog is an introduction to the newest addition to our variety of technical topics- a series on CIS Controls! Before we dive into the details of each control, we would like to take this opportunity to show the value that this list can add to your organizations Cyber resilience.
So what are CIS Controls? The CIS controls are a compiled list of guiding steps to protect against dangerous and high levels of cyber attacks. The list of defensive actions intends to give businesses stronger and safer cyber defenses.
CIS stands for Center for Internet Security, INC. CIS is “a forward-thinking, non-profit entity that harnesses the power of a global IT community to safeguard private and public organizations against cyber threats.” The people within CIS are behind the creation of this list of controls. They are people who understand how the attacks work and are able to use that comprehension to develop preventative steps.
The CIS Controls were formalized in 2008. They are continually updated and improved by looking at recent and reoccurring attacks and matching them to the most effective security. It is frequently asked by people “What needs to be done to stop attacks?” The CIS Controls list is designed to focus on key pain points that may be exposed during regulatory compliance checks.
There are currently 20 controls divided into three separate categories. These categories are; Basic CIS Controls, Foundational CIS Controls, and Organizational CIS Controls. While some controls are relatively simple and others complex, each of them play a critical part in working toward a stronger cyber defense.
We feel, at The IT Company, an organization well versed in the benefits of CIS Controls will be better defended. In a technical world with rapidly increasing cyber attacks, there is power in knowledge. These controls guide you in understanding what it is you are protecting, and where your defenses may fall short. We cannot understate the value provided by following this handy guide. We encourage you to join us as we shed some light on these useful topics.
Over the course of the next few months, we will be focusing on specific individual controls and highlighting their value to your organization. We will expand on what the control is, how the specific control plays into the entire list of controls, and what the benefits of it are. We will begin the series next week with the first 2 controls! Do not miss out on two of the simplest, but most important controls in setting yourself up for a strong cyber defense.