
Top 5 Recommendations For Your Next CIS Top 20 Assessment


Discover, design, validate, promote, and sustain best practice cyber protection solutions to safeguard your people and processes. As the cyber attack surface expands, the Center for Internet Security (CIS) has developed a comprehensive list of critical security controls (CSC) to identify gaps in your company's cyber defense strategy and security frameworks.

What is CIS Top 20?

The CIS Critical Security Controls, widely known as the CIS Top 20 after the 20 controls of version 7, are a prioritized list of best practices intended to address today's most pervasive and dangerous threats. A community of security practitioners designs and periodically revises the framework; version 8, released in May 2021, consolidated the set into 18 controls, and the control numbers cited later in this post follow the version 7 numbering.

The CIS Critical Security Controls (CIS Controls) is a prioritized set of safeguards designed to protect systems and networks from the most common attacks and data breaches. Multiple legal, regulatory, and policy frameworks link to and reference these security controls for effective defense.

Who Uses CIS Controls?

Organizations of all kinds and sizes use the CIS Controls. As of May 1, 2017, the control set had been downloaded over 70,000 times. The states of Arizona, Colorado, and Idaho and the cities of Oklahoma City, Portland, and San Diego have all formally adopted the CIS Controls as the basis of their cyber defense.

Boeing, Citizens Property Insurance, Corden Pharma, and the Federal Reserve Bank of Richmond are among the major companies that employ CIS controls to protect sensitive information.

Top 5 Recommendations For CIS Controls

Implementing the CIS Top 20 key security measures is an excellent method to safeguard your company against some of the most prevalent threats.

  • Create And Keep A Software Inventory

Make a complete inventory of all licensed software installed on corporate assets and keep it updated. Each item in the software inventory must record the title, publisher, initial install/use date, and business purpose; where applicable, also record the URL, app store, version, deployment mechanism, and decommission date. Review and update the software inventory at least twice a year (this mirrors CIS Controls v8 Safeguard 2.1).

Ensure that unauthorized software is either removed from corporate assets or given a documented exception, and review the exceptions at least once a month (Safeguard 2.3).
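The reconciliation step the control describes, as an added example that is not CyberStrong's or CIS's code: each inventory record carries the fields listed above, and the script classifies every record against an approved-software baseline and an exemption register, reports records with missing required fields, and flags an overdue bi-annual review. The records, baseline and exemptions are constructed sample data; a real run would load them from an endpoint agent export, a package-manager query, or the CMDB.

```python
"""Reconcile a software inventory against an approved-software baseline.

Added example; this is not CyberStrong's or CIS's code. The records, the
approved list and the exemption register below are constructed sample data;
a real run would load them from an endpoint agent export, a package manager
query, or the CMDB.
"""
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Dict, List, Optional, Tuple

REVIEW_INTERVAL = timedelta(days=182)  # bi-annual inventory review cadence


@dataclass
class SoftwareRecord:
    """One inventory entry, carrying the fields the control asks for."""
    title: str
    publisher: str
    version: str
    install_date: Optional[date]
    business_purpose: str
    deployment_mechanism: str = "unknown"
    url: str = ""
    decommission_date: Optional[date] = None


# Approved software: (title, publisher) -> allowed version prefixes. Constructed baseline.
APPROVED: Dict[Tuple[str, str], List[str]] = {
    ("OpenSSH", "OpenBSD Project"): ["9."],
    ("Google Chrome", "Google LLC"): ["114.", "115."],
    ("7-Zip", "Igor Pavlov"): ["23."],
}

# Written exceptions for software that is not on the approved list. Constructed.
EXEMPTIONS: Dict[Tuple[str, str], str] = {
    ("LegacyReporter", "Contoso Ltd"): "CHG-0042: retire by 2023-12-31",
}

REQUIRED_FIELDS = ("title", "publisher", "version", "install_date", "business_purpose")


def classify(rec: SoftwareRecord, approved=APPROVED, exemptions=EXEMPTIONS) -> str:
    """Map a record to: authorized, unapproved-version, exempted, unauthorized or decommissioned."""
    key = (rec.title, rec.publisher)
    if rec.decommission_date is not None:
        return "decommissioned"
    if key in approved:
        if any(rec.version.startswith(p) for p in approved[key]):
            return "authorized"
        return "unapproved-version"  # right product, but a version outside the baseline
    if key in exemptions:
        return "exempted"
    return "unauthorized"


def missing_fields(rec: SoftwareRecord) -> List[str]:
    """Required inventory fields that this record leaves empty."""
    return [f for f in REQUIRED_FIELDS if not getattr(rec, f)]


def reconcile(records, last_review: date, today: date,
              approved=APPROVED, exemptions=EXEMPTIONS) -> dict:
    """Return findings an analyst can turn into the monthly review ticket."""
    findings = {"unauthorized": [], "unapproved-version": [], "exempted": [],
                "incomplete": [], "review_overdue": (today - last_review) > REVIEW_INTERVAL}
    for rec in records:
        status = classify(rec, approved, exemptions)
        label = f"{rec.title} {rec.version} ({rec.publisher})"
        if status in ("unauthorized", "unapproved-version", "exempted"):
            findings[status].append(label)
        gaps = missing_fields(rec)
        if gaps:
            findings["incomplete"].append((rec.title, gaps))
    return findings


def sample_findings() -> dict:
    """Run the reconciliation over constructed sample records."""
    records = [
        SoftwareRecord("OpenSSH", "OpenBSD Project", "9.3p1", date(2023, 1, 10),
                       "remote administration", "golden image"),
        SoftwareRecord("Google Chrome", "Google LLC", "112.0.5615.49", date(2022, 11, 2),
                       "web access", "MDM"),
        SoftwareRecord("LegacyReporter", "Contoso Ltd", "2.1", date(2019, 6, 1),
                       "month-end reporting", "manual"),
        # A remote-access tool nobody documented a purpose for: unauthorized and incomplete.
        SoftwareRecord("AnyDesk", "AnyDesk Software GmbH", "7.1.8", date(2023, 5, 20), "", "user install"),
        SoftwareRecord("7-Zip", "Igor Pavlov", "23.01", date(2023, 2, 1), "archiving", "MDM",
                       decommission_date=date(2023, 5, 30)),
    ]
    return reconcile(records, last_review=date(2022, 10, 1), today=date(2023, 6, 1))


if __name__ == "__main__":
    for key, value in sample_findings().items():
        print(f"{key}: {value}")
```

Version prefixes rather than exact versions keep the baseline from going stale on every patch release; anything decommissioned is dropped from the findings so the monthly review only shows software still in use.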

  • Detect And Respond To Incidents

Incident response is a sequence of coordinated activities rather than a single event, and teams must organize their efforts to be effective. Any response program should incorporate five essential phases to address the broad spectrum of security threats a firm may encounter: preparation, detection and reporting, analysis, containment and eradication, and post-incident review.

The key to successful incident response is preparation. Even a well-staffed incident response team cannot adequately address an issue without defined roles, procedures, and escalation paths.

The detection and reporting phases primarily focus on monitoring security events to discover, notify and report possible security problems.

  • Monitor: Use firewalls, intrusion prevention systems, and data loss prevention to record security events in your environment.
  • Detect: Use a SIEM to correlate those signals into possible security incidents.
  • Alert: Analysts open an incident ticket, record initial findings, and classify the incident.
  • Report: Your reporting procedure should accommodate regulatory reporting and escalation.
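The Detect step above, as an added example that is not CyberStrong's code or any SIEM product's rule language: a small correlation rule runs over constructed OpenSSH syslog lines and raises a medium alert when one source IP accumulates five failed logins within 60 seconds, and a high alert when a successful login from that IP follows the failures. The log lines, the thresholds, and the assumed year (the syslog timestamp format carries none) are all constructed for the example.

```python
"""Correlate sshd authentication events into alerts, the way a SIEM rule would.

Added example; not code from CyberStrong or from any SIEM product. The log
lines are constructed to look like OpenSSH syslog output. That format has no
year, so ASSUMED_YEAR fills it in; thresholds are illustrative.
"""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

LOG_RE = re.compile(
    r"^(?P<ts>\w{3} +\d{1,2} \d{2}:\d{2}:\d{2}) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<outcome>Accepted|Failed) (?P<method>\w+) for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>[\d.]+) port \d+"
)
ASSUMED_YEAR = 2022
WINDOW = timedelta(seconds=60)   # sliding window for counting failures
THRESHOLD = 5                    # failures within WINDOW that trigger an alert

# Constructed sample log: a password spray from 203.0.113.7 that eventually succeeds,
# plus one ordinary typo-then-success from 198.51.100.9 and one non-auth line.
SAMPLE_LOG = """\
Jun 22 10:01:03 bastion sshd[2231]: Failed password for invalid user admin from 203.0.113.7 port 51122 ssh2
Jun 22 10:01:05 bastion sshd[2233]: Failed password for root from 203.0.113.7 port 51124 ssh2
Jun 22 10:01:08 bastion sshd[2235]: Failed password for invalid user oracle from 203.0.113.7 port 51126 ssh2
Jun 22 10:01:12 bastion sshd[2237]: Failed password for invalid user test from 203.0.113.7 port 51128 ssh2
Jun 22 10:01:15 bastion sshd[2239]: Failed password for deploy from 203.0.113.7 port 51130 ssh2
Jun 22 10:01:20 bastion sshd[2241]: Failed password for deploy from 203.0.113.7 port 51132 ssh2
Jun 22 10:01:22 bastion sshd[2243]: Failed password for alice from 198.51.100.9 port 40012 ssh2
Jun 22 10:01:27 bastion sshd[2243]: Accepted password for alice from 198.51.100.9 port 40012 ssh2
Jun 22 10:01:31 bastion sshd[2245]: Connection closed by 203.0.113.7 port 51132 [preauth]
Jun 22 10:01:40 bastion sshd[2247]: Accepted password for deploy from 203.0.113.7 port 51134 ssh2
""".splitlines()


def parse(line):
    """Turn one sshd auth line into an event dict, or None for lines the rule ignores."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%b %d %H:%M:%S").replace(year=ASSUMED_YEAR)
    return {"ts": ts, "host": m["host"], "user": m["user"], "ip": m["ip"],
            "success": m["outcome"] == "Accepted"}


def correlate(lines):
    """Return alerts; each dict is what an analyst would open a ticket from."""
    failures = defaultdict(deque)   # source ip -> timestamps of failures inside WINDOW
    flagged = set()                 # ips already alerted on for an attempt
    alerts = []
    for line in lines:
        ev = parse(line)
        if ev is None:
            continue
        q = failures[ev["ip"]]
        while q and ev["ts"] - q[0] > WINDOW:   # drop failures that fell out of the window
            q.popleft()
        if not ev["success"]:
            q.append(ev["ts"])
            if len(q) >= THRESHOLD and ev["ip"] not in flagged:
                flagged.add(ev["ip"])
                alerts.append({"rule": "ssh-bruteforce-attempt", "severity": "medium",
                               "ip": ev["ip"], "host": ev["host"],
                               "failures": len(q), "ts": ev["ts"]})
        else:
            # A success after a burst of failures is the case worth paging on.
            if len(q) >= THRESHOLD:
                alerts.append({"rule": "ssh-bruteforce-success", "severity": "high",
                               "ip": ev["ip"], "host": ev["host"], "user": ev["user"],
                               "failures": len(q), "ts": ev["ts"]})
            q.clear()
    return alerts


if __name__ == "__main__":
    for alert in correlate(SAMPLE_LOG):
        print(alert)
```

The attempt alert fires once per source so a long spray does not flood the queue, while the success alert carries the user name and failure count the analyst needs to open the ticket described in the Alert step.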

Responders should be proficient in live system response, digital forensics, memory analysis, and malware analysis. During the analysis phase, the security team gathers data from tools and systems to establish what happened and to extract indicators of compromise.

The next phase is containment and eradication. The intelligence and indicators of compromise obtained during analysis inform the containment and eradication plan. Normal operations resume once affected systems have been recovered and verified as secure.

After the response team closes the incident, there is still work to be done. Carefully capture the lessons learned and any information that may help prevent a recurrence.

  • Identify Security Gaps

As the frequency of data breaches grows, organizations must strengthen their defenses to safeguard one of their most essential assets, i.e., data.

Organizations can no longer afford to be unaware of the frequency and complexity of cyber events in their industry and beyond. Before a breach happens, companies must test their defenses and be prepared to respond. It is also essential to know the threats, the adversaries, and the resources available to defend against them.

Attackers may already have a foothold in the network and be waiting for the right moment to act. Organizations should perform active threat hunting to find these intrusions before they turn into an attack, and must ensure that the right monitoring is in place for early detection of threats and vulnerabilities.

  • Implement CIS 20 Controls

Once you have identified the problems, implementing CIS controls per your organization's requirements is the next step. Here are some measures through which you can ensure successful implementation.

Take inventory of your assets to lay the groundwork for the rest of the process; after all, you cannot design controls to safeguard devices and people if you do not know what you are protecting. Critical Security Controls 1 and 2 correspond to this stage.

Next, determine what controls you already have and where you have already spent money and effort. Know how well you are (or are not) protected right now so you can tell IT and senior management. Critical Security Controls 3, 4, 5, 7, 8, 10, 13, and 18 correspond to this stage.

Determine what network entry and exit safeguards are in place; a network boundary inventory helps here. Then restrict access to your wireless local area networks to authorized users and limit network ingress and egress. Critical Security Controls 9, 11, 12, and 15 correspond to this stage.

Your next step is incident detection and response. An incident might be small, opportunistic, or targeted, and you never know when it will happen, but you can count on it happening. Prepare a comprehensive incident response plan and a defined internal procedure that feeds back into your security plan for establishing and maintaining controls. Critical Security Controls 6, 16, and 19 correspond to this stage.

At this point you know how well protected you are and where your most serious gaps lie, which is what you need to prioritize how to move your security program forward. Be prepared, though: deciding which gaps matter most requires consensus across the team. Then it is time to plan and implement the controls.

Next up? Choose how you'll handle short and long-term maintenance and measure progress over time.

People are typically the weakest link in the security chain, no matter how much we love them. That is why it is critical to train and test users so they know what to look for and why security matters. Critical Security Control 17 corresponds to this stage.

  • Test Controls

Use penetration testing and red team exercises to verify that your controls actually work once they are in place (Critical Security Control 20). Security teams should perform this testing regularly; the results give you confidence in your strategy and credibility inside the organization.

Wrapping Up

Implementing the CIS Top 20 controls is not, by itself, enough to protect you from security breaches. Testing the controls is a must, and it should be done once the measures are in place and repeated as the environment changes.

CyberStrong can streamline your compliance with the CIS Controls along with other gold-standard frameworks like the NIST Cybersecurity Framework (CSF), ISO 27001, and CMMC. Contact us if you'd like to learn more about CyberStrong's automated risk and compliance solution, and our experts will guide you through the process.

Posted on June 22, 2022