Enterprise-level organizations have access to a vast range of security tools, resources, standards, and advice. Utilizing free and paid threat feeds, they can gain an unprecedented level of insight into the latest threat actor tactics, techniques, and procedures.

Even small organizations find themselves surrounded by a laundry list of compliance requirements, risk management frameworks, and regulations.

All considered, it may seem as if the tasks needed for organizations to identify ways to protect against cyber attacks would be easy. However, much of this information can easily become overwhelming. Budgets and logistics can make it a challenge do everything — or even come close — leaving organizations to make tough decisions about which actions/controls to prioritize. This is where the CIS Basic Controls come in.

What are the CIS Basic Controls?

CIS Basic Controls are the foundational level of the globally accepted CIS Controls framework — a defense-in-depth set of 20 (Read more...)