Center for Internet Security (CIS) Critical Security Controls (CSC) are a top list of recommended security domains that organizations should address to prevent and mitigate the most prevalent attack vectors being leveraged by adversaries. Version 8 of the CSC was released in 2021 and contains a total of 18 controls comprised of 153 safeguards. Controls and Safeguards are organized into 3 maturity levels, called Implementation Groups that help measure an organization’s security posture.
The CSC is industry agnostic, but directly maps to various security standards, including FISMA, HIPPA, and PCI-DSS. In comparison to most regulatory security requirements, the CIS CSC is often more streamlined, straightforward and flexible – making it ideal to use in building a security program.
GAI Cyber provides both consultative implementation and assessment services for the CIS CSC. Our team can help build out and mature an existing program around the CSC or provide independent assessment services to determine existing adherence to it.
(Click to enlarge)
Contact a Cybersecurity Expert.
Are you ready to start your compliance journey? GAI Cyber is ready to assist with any of your compliance, cybersecurity, and privacy needs.
GAI Compliance Solutions.
Read 5 Minutes
GAI Cyber offers a variety of training courses for certifications and cybersecurity topics. Classes are taught through online delivery format, as well as in person – at one of our training locations or on client site. Contact us for details about training course availability and scheduling.