The CIS Critical Security Controls for Effective Cyber Defense
The CIS Critical Security Controls are a recommended set of actions for cyber defense that provide specific and actionable ways to stop today's most pervasive and dangerous attacks. A principal benefit of the Controls is that they prioritize and focus a smaller number of actions with high pay-off results. The Controls are effective because they are derived from the most common attack patterns highlighted in the leading threat reports and vetted across a very broad community of government and industry practitioners. They were created by the people who know how attacks work - NSA Red and Blue teams, the US Department of Energy nuclear energy labs, law enforcement organizations and some of the nation's top forensics and incident response organizations - to answer the question, "what do we need to do to stop known attacks." That group of experts reached consensus and today we have the most current Controls. The key to the continued value is that the Controls are updated based on new attacks that are identified and analyzed by groups from Verizon to Symantec so the Controls can stop or mitigate those attacks.
The Controls take the best-in-class threat data and transform it into actionable guidance to improve individual and collective security in cyberspace. Too often in cybersecurity, it seems the "bad guys" are better organized and collaborate more closely than the "good guys." The Controls provide a means to turn that around.
SANS Supports the CIS Critical Security Controls with Training, Certifications, and Research
To support information security practitioners and managers implement the CIS Critical Security Controls, SANS provide a number of resources and information security courses.
Information Security Courses
- SEC440: Critical Security Controls: Planning, Implementing and Auditing
- SEC511: Continuous Monitoring and Security Operations
- SEC566: Implementing and Auditing the Critical Security Controls - In-Depth
Information Security Resources
- NewsBites: Bi-weekly email of top news stories with commentary from SANS Editors. View recent editions & Subscribe
- Whitepapers: Research from SANS instructors and masters students. Download the latest papers related to the Critical Controls
- Webcasts: Topical content presented by SANS Instructors, vendors, and leaders in infosec security. View upcoming webcasts
CIS Critical Security Controls - Version 6.0
To learn more about the CIS Critical Security Controls and download a free detailed version please visit: http://www.cisecurity.org/critical-controls/
- CSC 1: Inventory of Authorized and Unauthorized Devices
- CSC 2: Inventory of Authorized and Unauthorized Software
- CSC 3: Secure Configurations for Hardware and Software on Mobile Device Laptops, Workstations, and Servers
- CSC 4: Continuous Vulnerability Assessment and Remediation
- CSC 5: Controlled Use of Administrative Privileges
- CSC 6: Maintenance, Monitoring, and Analysis of Audit Logs
- CSC 7: Email and Web Browser Protections
- CSC 8: Malware Defenses
- CSC 9: Limitation and Control of Network Ports, Protocols, and Services
- CSC 10: Data Recovery Capability
- CSC 11: Secure Configurations for Network Devices such as Firewall Routers, and Switches
- CSC 12: Boundary Defense
- CSC 13: Data Protection
- CSC 14: Controlled Access Based on the Need to Know
- CSC 15: Wireless Access Control
- CSC 16: Account Monitoring and Control
- CSC 17: Security Skills Assessment and Appropriate Training to Fill Gaps
- CSC 18: Application Software Security
- CSC 19: Incident Response and Management
- CSC 20: Penetration Tests and Red Team Exercises