Control 10 of CIS Critical Security Controls version 8 is focused on malware defenses. It describes safeguards to prevent or control the installation, spread and execution of malicious applications, code and scripts on enterprise assets. (In CIS version 7, this topic was covered by Control 8.) Malware, especially ransomware, has become a pressing security issue in recent years.

Many organizations need to meet various compliance standards, and investing in a security information and event management (SIEM) solution can often help them reach that goal. But it worth the cost and effort to deploy a SIEM solution solely for compliance? Or is there a way to maximize the value of your SIEM by strengthening cybersecurity as well as achieving compliance? This article will help you answer those critical questions.

The Center for Internet Security (CIS) provides Critical Security Controls to help organizations improve cybersecurity. Control 7 addresses continuous vulnerability management (this topic was previously covered under CIS Control 3). Continuous vulnerability management is the process of identifying, prioritizing, documenting and remediating weak points in an IT environment.

The Center for Internet Security (CIS) publishes Critical Security Controls that help organization improve cybersecurity. In version 8, Control 6 addresses access control management (in previous versions, this topic was covered by a combination of Control 4 and Control 14).

Maintaining secure configurations on all your IT assets is critical for cybersecurity, compliance and business continuity. Indeed, even a single configuration error can lead to security incidents and business disruptions. Control 4 of CIS Critical Security Controls version 8 details cyber defense best practices that can help you establish and maintain proper configurations for both software and hardware assets.

Unless you know what IT assets you have and how important each of them is to your organization, it’s almost impossible to make strategic decisions about IT security and incident response. Indeed, inventory and control of enterprise assets is so important that it is the first in the set of Critical Security Control (CSCs) published by the Center for Internet Security (CIS).

It’s not your imagination; Zero Trust (ZT) is everywhere these days. Indeed, one study reports that 96% of security decision-makers say ZT is critical to their organization’s success, and another study notes that 51% of business leaders are speeding up their deployment of ZT capabilities. But exactly what is Zero Trust and why is it the top security priority for organizations around the globe?

The Center for Internet Security (CIS) publishes Critical Security Controls that help organization improve cybersecurity. CIS Control 9 covers protections for email and web browsers.

Modern organizations depend upon a dizzying array of software: operating systems, word processing applications, HR and financial tools, backup and recovery solutions, database systems, and much, much more. These software assets are often vital for critical business operations — but they also pose important security risks.

Modern IT environments typically include a wide range of applications: software developed in house, hosted software platforms, open-source tools and purchased solutions. Because these applications access sensitive systems, data and other IT assets, cybercriminals are eager to exploit them during attacks. CIS Control 16 offers application software security controls for strengthening your organization’s security posture.