CIS Controls, the building blocks of organizational cybersecurity

The list of this century’s biggest data breaches, which have exposed more than 4.99 billion records, reads like a corporate who’s who: Yahoo, eBay, Equifax, Heartland Payment Systems, Target, TJX Companies and JPMorgan Chase all made the top ten. Equally disturbing is the fact that eight of the top 10 occurred within the last five years.

This begs the question: are we getting any better at protecting our organizations from cyberattacks? HelpNetSecurity answers with a resounding “no”: “Organizations are not where they need to be when it comes to protecting their online ecosystems against attacks and the reality of the situation is troubling.”

But there is good news; it is possible to significantly reduce your risk of cyberattack. Using the Center for Internet Security (CIS) Controls as a framework, organizations can build and maintain a strong cybersecurity posture, even with budget and resource limitations. These controls, considered the gold standard, are purposefully designed to be both user—and budget—friendly.

 

continue reading »