CIS Critical Security Controls

Compliance Platform

What is CIS Critical Security Controls ?

Center for Internet Security Critical Security Controls for Effective Cyber Defense (CIS Controls) is a publication of best practice guidelines for computer security. The project was initiated early in 2008 in response to extreme data losses experienced by organizations in the US defense industrial base. The publication was initially developed by the SANS Institute. Ownership was then transferred to the Council on Cyber Security (CCS) in 2013, and then transferred to Center for Internet Security (CIS) in 2015. 

The guidelines consist of 18 key actions, called Critical Security Control, that organizations should implement to block or mitigate known attacks. The controls are designed so that primarily automated means can be used to implement, enforce and monitor them.

The Security Controls provide practical recommendations for cyber security. Goals of the guidelines include leveraging cyber offense to inform cyber defense, maximizing the use of automation to enforce Security Controls, thereby negating human errors and using consensus process to collect best ideas. 

This solution will facilitate the implementation of CIS Critical Security Controls.