The Center for Internet Security (CIS) is a not-for-profit organization that exists to identify, develop, validate, promote and sustain best practices in cybersecurity for both the public and private sectors. The CIS does this by setting out global standards for internet security namely through its CIS ‘Critical Cyber Security’ Controls and CIS Benchmarks.
The CIS Controls are a set of top 20 critical security controls, which were originally developed by leading cyber experts from across the globe to assist the US Department of Defense in prioritizing and strengthening its cybersecurity.
Implementing the 20 controls into your own organization undoubtedly provides robust cyber security, however few organizations have the budget, resources, time and expertise to implement the entire set of controls simultaneously. A more pragmatic approach is to use the controls as a starting point for review of your existing provision and to prioritise those most relevant to your organization.
The CIS benchmarks are best-practice security configuration guidelines developed with input from the US government, private-sector, security industry and academia, to help organizations comply with a number of recognized security standards.
There are over 140 configuration guidelines to safeguard systems against rapidly evolving cyber threats. These include; technical control rules and values for hardening network devices, operating systems, and middleware and software applications. They are widely recognized as the configuration security standard for commercial organizations.
Helping clients to achieve the highest level of cybersecurity across industry sectors, Titania is a certified CIS member.
Our Titania Nipper auditing tool can automate the assessment of industry leading Cisco IOS systems, to provide the highest level of CIS compliance.