Menu
Home
People
Places
Arts
History
Plants & Animals
Science
Life & Culture
Technology
Reference.org
The CIS Critical Security Controls for Effective Cyber Defense
open-in-new
<h2 id="goals">Goals</h2> <p>The guidelines consist of 18 (originally 20) key actions, called critical security controls (CSC), that organizations should implement to block or mitigate known attacks. The controls are designed so that primarily automated means can be used to implement, enforce and monitor them.<a class="footnote-ref" id="fnref:3" href="#fn:3"><sup>3</sup></a> The security controls give no-nonsense, actionable recommendations for cyber security, written in language that’s easily understood by <a href="/facts/Information_technology/glMzunwe">IT</a> personnel.<a class="footnote-ref" id="fnref:4" href="#fn:4"><sup>4</sup></a> Goals of the Consensus Audit Guidelines include </p> <ul><li>Leveraging cyber offense to inform cyber defense, focusing on high payoff areas</li> <li>Ensuring that security investments are focused to counter highest threats</li> <li>Maximizing the use of automation to enforce security controls, thereby negating human errors</li> <li>Using consensus process to collect best ideas<a class="footnote-ref" id="fnref:5" href="#fn:5"><sup>5</sup></a></li></ul> <h2 id="supported-platforms">Supported Platforms</h2> <p>CIS Benchmarks cover a wide range of technologies, including: </p> <ul><li>Operating Systems: Windows, Linux, macOS</li> <li>Servers: Apache, NGINX, Microsoft IIS</li> <li>Cloud Platforms: AWS, Azure, Google Cloud Platform</li> <li>Network Devices: Cisco, Juniper</li> <li>Applications: Microsoft Office, Google Chrome, Mozilla Firefox<a class="footnote-ref" id="fnref:6" href="#fn:6"><sup>6</sup></a></li></ul> <h2 id="references">References</h2> <ol> <li id="fn:1"><p>"Gilligan Group Inc., CAG Background and Participants" <a href="http://www.gilligangroupinc.com/headlines/2009/feb-23-related/background-and-participants.html" target="_blank">http://www.gilligangroupinc.com/headlines/2009/feb-23-related/background-and-participants.html</a> <a href="#fnref:1" class="footnote-back-ref">↩</a></p></li> <li id="fn:2"><p>“CIS Critical Security Controls Version 8, CIS webpage, January 17, 2024 <a href="https://www.cisecurity.org/controls/v8?msclkid=363086a359ea1ff39cc0e30b509f6b8e" target="_blank">https://www.cisecurity.org/controls/v8?msclkid=363086a359ea1ff39cc0e30b509f6b8e</a> <a href="#fnref:2" class="footnote-back-ref">↩</a></p></li> <li id="fn:3"><p>“Understanding Technology Stakeholders: Their Progress and Challenges” by John M. Gilligan, Software Assurance Forum, November 4, 2009 <a href="https://buildsecurityin.us-cert.gov/swa/presentations_1109/W3%20Final%20-%20Kass%20-%20Understanding%20Technology%20Stakeholders.pdf" target="_blank">https://buildsecurityin.us-cert.gov/swa/presentations_1109/W3%20Final%20-%20Kass%20-%20Understanding%20Technology%20Stakeholders.pdf</a> <a href="#fnref:3" class="footnote-back-ref">↩</a></p></li> <li id="fn:4"><p>“Consensus Audit Guidelines: Overview” by Lieberman Software Corporation <a href="https://web.archive.org/web/20120330220029/http://www.liebsoft.com/CAG_overview/" target="_blank">https://web.archive.org/web/20120330220029/http://www.liebsoft.com/CAG_overview/</a> <a href="#fnref:4" class="footnote-back-ref">↩</a></p></li> <li id="fn:5"><p>“Consensus Audit Guidelines: Time to ‘Stop The Bleeding’” by John M. Gilligan, 10th Semi-Annual Software Assurance Forum, March 12, 2009 <a href="https://buildsecurityin.us-cert.gov/swa/presentations_09/Day%203%20-%20GILLIGAN%20-%20DoD-MITRE%20Software%20Assurance%20Conference%203-12-09.pdf" target="_blank">https://buildsecurityin.us-cert.gov/swa/presentations_09/Day%203%20-%20GILLIGAN%20-%20DoD-MITRE%20Software%20Assurance%20Conference%203-12-09.pdf</a> <a href="#fnref:5" class="footnote-back-ref">↩</a></p></li> <li id="fn:6"><p>Vanney, Ivan (July 2, 2024). "What are CIS Benchmarks?". Linux.Lat. Retrieved July 3, 2024. <a href="https://linux.lat/cis-benchmarks-a-comprehensive-guide/" target="_blank">https://linux.lat/cis-benchmarks-a-comprehensive-guide/</a> <a href="#fnref:6" class="footnote-back-ref">↩</a></p></li> </ol>