The cybersecurity landscape is witnessing a phenomenon that has come to be known as the “Great Resignation” among Chief Information Security Officers (CISOs). The challenges faced by CISOs in coping with ever-increasing regulations, compliance mandates, and the need for skilled resources have reached a tipping point. Coupled with a lack of cooperation from the C-suite, these factors have led to a surge in burnout among CISOs.

The Center for Internet Security (CIS) team continuously release updates about cybersecurity best practices for new technologies. As of March 2023 all CIS Windows Server and Windows Workstation Benchmarks will be updated once a year to align with Microsoft’s update schedule. Major version updates that CIS will release (i.e., updating from v1.12.0 to v2.0.0) will account for significant changes in the operating system.

CIS Critical Security Control, known now as CIS Controls have recently been updated and revised in the CIS Controls v8 released by the Center for Internet Security (CIS). The CIS Controls are a collection of industry-recognized best practices for businesses dealing with data security risks. Such measures were created to make things easier and keep the IT operations and security teams attention on crucial tasks. In v8, CIS changes a little the perspective around baseline security and system hardening.

In the ever-evolving landscape of cybersecurity, organizations strive to safeguard their systems and data against emerging threats. Amidst this pursuit, CIS Benchmarks emerge as an indispensable resource, offering a wealth of knowledge and practical recommendations. But what exactly are CIS Benchmarks, and why are they highly regarded across industries?