Today we are going to look at the top 20 CIS Controls, a set of practices that an organisation can implement to achieve a strong level of cyber security in its day-to-day operation. This set of CIS Controls was developed by a number of IT experts to protect against cyber threats. The experts who develop the CIS Controls come from a wide range of sectors, including retail, manufacturing, healthcare, education, government and defense, but share the same primary focus: to publish a list of basic security principles and to raise public and organisational awareness of the implications of not meeting best practice when operating in the online environment.
Purpose of the CIS (Center for Internet Security) Controls
The CIS Controls provide the best strategies for dealing with cyber threats, because they cover a number of major software and hardware safeguards that can be combined in different ways. When multiple safeguards protect a system, an attacker finds it far harder to get through.
These days, many organizations have introduced BYOD (bring your own device) policies. This is a significant threat to any system, because personal devices open an avenue for information to be breached. Attackers look to major organizations for a way into their systems, and BYOD is an ideal entry point to an organization's internal systems and information. The CIS Control methodology helps to reduce this type of attack and, where possible, to stop both the attacks and those launching them.
What are these controls?
There are 20 CIS Controls, divided into three groups.
For each Control, the Center for Internet Security (CIS) identifies a small number of elements that it believes are critical to a secure program in that area.
Top 20 CIS Controls For Maximum Cyber Security
1. Inventory and Control of Hardware Assets:
Actively manage (inventory, track, and correct) all hardware devices on the network so that only authorized devices are given access, and unauthorized and unmanaged devices are found and prevented from gaining access.
2. Inventory and Control of Software Assets:
Actively manage (inventory, track, and correct) all software on the network so that only authorized software is installed and can execute, and that all unauthorized and unmanaged software is found and prevented from installation or execution.
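Controls 1 and 2 both come down to the same operation: reconcile what is authorized against what is actually observed, and act on the difference. The following is an added example, not part of the original article or of CIS material; the inventories, MAC addresses and package names are constructed, and in practice the observed side would come from DHCP leases, switch tables or an endpoint agent.

```python
"""Reconcile an authorized asset inventory against what is observed (CIS Controls 1 and 2).
The same function serves hardware (keyed by MAC address) and software (keyed by
package@version). All data below is constructed for illustration."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    kind: str    # "unauthorized": observed but not approved; "missing": approved but not seen
    key: str     # MAC address or package@version
    detail: str  # owner/hostname (authorized side) or IP/installing user (observed side)


def reconcile(authorized: dict[str, str], observed: dict[str, str]) -> list[Finding]:
    """Return one Finding per key that appears on only one side.
    Keys are lower-cased so 'DE:AD' and 'de:ad' compare equal."""
    auth = {k.lower(): v for k, v in authorized.items()}
    seen = {k.lower(): v for k, v in observed.items()}
    findings = [Finding("unauthorized", k, seen[k]) for k in sorted(seen.keys() - auth.keys())]
    findings += [Finding("missing", k, auth[k]) for k in sorted(auth.keys() - seen.keys())]
    return findings


# Constructed hardware inventory (Control 1): authorized MAC -> hostname / owner.
AUTHORIZED_HW = {
    "00:11:22:33:44:55": "wks-001 / alice",
    "00:11:22:33:44:56": "wks-002 / bob",
    "00:11:22:33:44:57": "srv-db-01",
}
# Constructed observation, e.g. parsed from DHCP leases: MAC -> leased IP.
OBSERVED_HW = {
    "00:11:22:33:44:55": "10.0.1.20",
    "00:11:22:33:44:56": "10.0.1.21",
    "DE:AD:BE:EF:00:01": "10.0.1.99",   # unknown device that obtained a lease
}
# Constructed software allow-list (Control 2): package@version -> approving team.
AUTHORIZED_SW = {"openssh-server@9.6": "platform team", "nginx@1.24": "web team"}
OBSERVED_SW = {"openssh-server@9.6": "root", "vlc@3.0": "bob"}   # vlc is not approved


def hardware_findings() -> list[Finding]:
    return reconcile(AUTHORIZED_HW, OBSERVED_HW)


def software_findings() -> list[Finding]:
    return reconcile(AUTHORIZED_SW, OBSERVED_SW)


if __name__ == "__main__":
    for f in hardware_findings() + software_findings():
        print(f"{f.kind:12} {f.key:22} {f.detail}")
```

A "missing" finding is as important as an "unauthorized" one: an approved server that has stopped appearing on the network may be offline, or may have been moved somewhere the inventory does not see.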
3. Continuous Vulnerability Management:
Continuously acquire, assess, and act on new information in order to identify vulnerabilities, remediate, and minimize the window of opportunity for attackers.
4. Controlled Use of Administrative Privileges:
The processes and tools used to track/control/prevent/correct the use, assignment, and configuration of administrative privileges on computers, networks, and applications.
5. Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations and Servers:
Establish, implement, and actively manage (track, report on, correct) the security configuration of mobile devices, laptops, servers, and workstations using a rigorous configuration management and change control process in order to prevent attackers from exploiting vulnerable services and settings.
6. Maintenance, Monitoring and Analysis of Audit Logs:
Collect, manage, and analyse audit logs of events that could help detect, understand, or recover from an attack.
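Controls 4 and 6 meet in the audit log: tracking who uses administrative privileges requires collecting and analysing the log lines that record it. The following is an added example, not from the original article or from CIS; the syslog-style lines, host names and approved-administrator list are constructed, and the two checks (privileged use by an account outside the approved list, and a run of failed logins ending in success) are illustrative, not a complete monitoring policy.

```python
"""Analyse constructed auth-log lines for CIS Controls 4 and 6:
  - sudo use by an account that is not on the approved administrator list
  - a burst of failed logins for one account followed by a successful login
Sample data is constructed; real logs come from syslog/journald or a SIEM."""
import re

APPROVED_ADMINS = {"bob"}   # constructed allow-list of accounts permitted to use sudo
FAIL_THRESHOLD = 3          # failures before a subsequent success is flagged

SUDO_RE = re.compile(r"^\w{3} +\d+ [\d:]+ \S+ sudo: +(?P<user>\S+) : .*USER=(?P<target>\S+) ; COMMAND=(?P<cmd>.*)$")
SSH_RE = re.compile(r"^\w{3} +\d+ [\d:]+ \S+ sshd\[\d+\]: (?P<result>Failed|Accepted) password for (?P<user>\S+) from (?P<ip>\S+)")


def analyse(lines):
    """Return (finding_type, account, detail) tuples in log order."""
    findings = []
    failures = {}   # account -> consecutive failed logins since its last success
    for line in lines:
        if m := SUDO_RE.match(line):
            if m["user"] not in APPROVED_ADMINS:
                findings.append(("unapproved_admin_use", m["user"], m["cmd"].strip()))
        elif m := SSH_RE.match(line):
            user = m["user"]
            if m["result"] == "Failed":
                failures[user] = failures.get(user, 0) + 1
            else:
                if failures.get(user, 0) >= FAIL_THRESHOLD:
                    findings.append(("success_after_failures", user,
                                     f"{failures[user]} failures then login from {m['ip']}"))
                failures[user] = 0   # a success resets the counter
    return findings


# Constructed sample log: three failures then success for alice, approved sudo by bob,
# sudo by carol (not approved), one failure then success for bob (below threshold).
SAMPLE_LOG = """\
Mar  3 09:12:01 srv-db-01 sshd[1201]: Failed password for alice from 10.0.1.20 port 51022 ssh2
Mar  3 09:12:03 srv-db-01 sshd[1203]: Failed password for alice from 10.0.1.20 port 51023 ssh2
Mar  3 09:12:05 srv-db-01 sshd[1205]: Failed password for alice from 10.0.1.20 port 51024 ssh2
Mar  3 09:12:09 srv-db-01 sshd[1207]: Accepted password for alice from 10.0.1.20 port 51030 ssh2
Mar  3 09:13:44 srv-db-01 sudo:      bob : TTY=pts/1 ; PWD=/home/bob ; USER=root ; COMMAND=/usr/bin/systemctl restart postgresql
Mar  3 09:15:02 srv-db-01 sudo:    carol : TTY=pts/2 ; PWD=/home/carol ; USER=root ; COMMAND=/usr/bin/apt update
Mar  3 09:16:10 srv-db-01 sshd[1301]: Failed password for bob from 10.0.1.21 port 40001 ssh2
Mar  3 09:16:20 srv-db-01 sshd[1303]: Accepted password for bob from 10.0.1.21 port 40002 ssh2
""".splitlines()


def sample_findings():
    return analyse(SAMPLE_LOG)


if __name__ == "__main__":
    for kind, account, detail in sample_findings():
        print(f"{kind:24} {account:8} {detail}")
```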
7. Email and Web Browser Protections:
Minimize the attack surface and the opportunities for attackers to manipulate human behavior through their interaction with web browsers and email systems.
8. Malware Defenses:
Control the installation, spread, and execution of malicious code at multiple points in the enterprise, while optimizing the use of automation to enable rapid updating of defense, data gathering, and corrective action.
9. Limitation and Control of Network Ports, Protocols, and Services:
Manage (track/control/correct) the ongoing operational use of ports, protocols, and services on networked devices in order to minimize windows of vulnerability available to attackers.
10. Data Recovery Capabilities:
The processes and tools used to properly back up critical information with a proven methodology for timely recovery of it.
11. Secure Configuration for Network Devices, such as Firewalls, Routers, and Switches:
Establish, implement, and actively manage (track, report on, correct) the security configuration of network infrastructure devices using a rigorous configuration management process.
12. Boundary Defense:
Detect/prevent/correct the flow of information transferring across networks of different trust levels with a focus on security-damaging data.
13. Data Protection:
The processes and tools used to prevent data exfiltration, mitigate the effects of exfiltrated data, and ensure the privacy and integrity of sensitive information.
14. Controlled Access Based on the Need to Know:
The processes and tools used to track/control/prevent/correct secure access to critical assets (e.g., information, resources, systems) according to the formal need and right to access these critical assets.
15. Wireless Access Control:
The processes and tools used to track/control/prevent/correct the secure use of wireless local area networks (WLANs), access points, and wireless client systems.
16. Account Monitoring and Control:
Actively manage the life cycle of system and application accounts – their creation, use, dormancy, deletion – to minimize opportunities for attackers to leverage them.
Organizational Controls
17. Implement a Security Awareness and Training Program:
For all functional roles in the organization (prioritizing those mission-critical to the business and its security), identify the specific knowledge, skills, and abilities needed to support defense of the enterprise.
18. Application Software Security:
Manage the security life cycle of all in-house developed and acquired software in order to prevent, detect, and correct security weaknesses.
19. Incident Response and Management:
Protect the organization’s information, as well as its reputation, by developing and implementing an incident response infrastructure.
20. Penetration Tests and Red Team Exercises:
Test the overall strength of an organization’s defense (the technology, the processes, and the people) by the actions of an attacker.
Huge data losses, theft of intellectual property, credit card breaches, identity theft, threats to our privacy, denial of service: these have become a way of life for all of us in cyberspace. ISO 27001 is one of the best-known information security standards and is readily applicable to any organization; an Information Security Management System built on ISO 27001 can transform how your organisation manages these risks.