cis controls

Vince Lombardi, the famous football coach, used to start his training camp each season with a talk about doing the basics. He’d tell the players that they start with the basics, then ...

Tony Sager, Senior Vice President and Chief Evangelist at CIS (Center for Internet Security) joins us to discuss the best approaches to the changing security landscape in the wake of COVID-19. Tony ...

Why is cybersecurity important to Education? Acknowledging recent reports of ransomware targeting educational institutions, it is no wonder that there have also been articles that attempt to lure in readers with “free” ...

The post Cloud Security a Shared Responsibility – Shared Security Model appeared first on CCSI ...

As recently as 2017, security and compliance professionals at many of Tripwire’s large enterprise and government customers were talking about migration to the cloud as a possibility to be considered and cautiously ...

The Discovery tactic is one which is difficult to defend against. It has a lot of similarities to the Reconnaissance stage of the Lockheed Martin Cyber Kill Chain. There are certain aspects ...

There’s no doubt about it, attackers want your credentials more than anything, especially administrative credentials. Why burn a zero-day or risk noisy exploits when you can just log in instead? If you ...

Compliance with version 3.2 of the Payment Card Industry Data Security Standard (PCI DSS) is a must for organizations that handle, process, transmit and store payment card data. But compliance isn’t always ...

Although ATT&CK is not laid out in any linear order, Initial Access will be the point at which an attacker gains a foothold in your environment. This tactic is a nice transition ...

Today, I will be going over Control 2 from version 7 of the top 20 CIS Controls – Inventory and Control of Software Assets. I will go through the 10 requirements and ...