Center for Internet Security’s Top 5 Controls

The Center for Internet Security (CIS) is a nonprofit organization formed in 2000 to “identify, develop, validate, promote and sustain best practice solutions for cyber defense, and build and lead communities to enable an environment of trust in cyberspace.” Its CIS Controls is a prioritized set of actions that protect your critical systems and data from the most pervasive cyberattacks. They embody the critical first steps in securing the integrity, mission and reputation of your organization.

CIS states that the first five controls, which fall under endpoint security, will help you eliminate the vast majority of your organization’s vulnerabilities.  They are:

  1. Inventory of Authorized and Unauthorized Devices
    Primary: Discovery, Vulnerability Assessment
    Secondary: Network Access Control
  2. Inventory of Authorized and Unauthorized Software
    Primary: Software Change Management, Vulnerability Management
    Secondary: Application Whitelisting
  3. Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations and Servers
    Primary: Vulnerability Assessment
    Secondary: Patch Management, Secure Remote Access
  4. Continuous Vulnerability Assessment and Remediation
    Primary: Vulnerability Assessment
  5. Controlled Use of Administrative Privileges

View the full list of CIS controls on the CIS website.

Do you have a system in place that addresses these endpoint security concerns? If not, it is time to be proactive.

IBM BigFix is one solution that addresses these security challenges by providing real-time visibility and control across endpoints, however they are connected. Sirius is a leader in endpoint security, having acquired skills and knowledge through numerous, successful endpoint management implementations. Our consultants are certified professionals who utilize a proven methodology to ensure success in defining and developing the right solution—and demonstrate value—for each engagement.

Visit siriuscom.com/security for more information, or contact us to learn about our Security Architecture Review.

By |2018-12-26T21:42:12-05:00November 13th, 2017|Blog|Comments Off on Center for Internet Security’s Top 5 Controls

About the Author:

Doug Piner is a Security Solutions Architect with Sirius.