Top 20 Solutions provides answers…
We target these 20 CIS Control areas of your business to make sure you are protected from the thousands of threat present in today’s technology landscape.
BASIC
(1) Inventory and Control of Hardware Assets
(2) Inventory and Control of Software Assets
(3) Continuous Vulnerability Management
(4) Controlled use of Administrative Privileges
(5) Secure Configuration for Hardware and Software on Mobile devices, laptops, workstations, and servers
(6) Maintenance, Monitoring and Analysis of Audit logs
FOUNDATIONAL
(7) Email and Web Browser protections
(8) Malware Defenses
(9) Limitations and Control of Network Port, Protocols and Services
(10) Data Recovery Capabilities
(11) Secure Configuration for Network devices, firewalls, routers and switches
(12) Boundary Defense
(13) Data protection
(14) Controlled access based on the need to know
(15) Wireless Access control
(16) Account monitoring and control
ORganizational
(17) Implement a Security Awareness and Training Program
(18) Application Software security
(19) Incident Response and Management
(20) Penetration Tests and Red Team exercises.