Cybersecurity is a huge field, and one that may feel as if it can never be ‘completed’ by many within information security, but this doesn’t have to be case anymore.

Regardless of budget, it can seem impossible for many organizations to completely protect against every attack vector, and cyber risk can be a challenge. Of course, most organizations have security budgets that are far from limitless. How should they allocate their limited security resources to best protect against cyber threats?

This is where the CIS Controls — also known as the CIS Top 20 Security Controls — come in.

What are CIS Security Controls?

The CIS Controls were created to answer a simple question: “What does a typical organization need to do to defend against known attacks?”

The Controls are a set of 20 best practice steps organizations can take to protect against cyber attacks. By focusing on a (Read more...)