Effective cybersecurity programs many times utilize a layered approach. Spending a vast sum on advanced protection systems can be pointless if the time is not taken to secure against basic threats.

This is the philosophy espoused by the CIS Controls, a set of 20 security best practices developed to help organizations protect against the most common real-world cyber attacks.  In this article, we’ll cover the second tier of the CIS Controls — CIS Foundational Controls — including why each of the controls is important, and how organizations can implement them. You can review the Basic Controls from our previous post.

What are the CIS Foundational Controls?

The CIS Controls are broken down into three tiers:

  • Six Basic Controls
  • Ten Foundational Controls
  • Four Organizational Controls

Once the four Basic Controls are implemented, you’ve met the minimum standards needed for cyber defense. By doing just this, your organization can reduce cyber (Read more...)