CIS CSC
Center for Internet Security (CIS) Critical Security Controls (CSC)
Center for Internet Security (CIS) Critical Security Controls (CSC) are a top list of recommended security domains that organizations should address to prevent and mitigate the most prevalent attack vectors being leveraged by adversaries.
CIS CSC Compliance
Center for Internet Security (CIS) Critical Security Controls (CSC) are a top list of recommended security domains that organizations should address to prevent and mitigate the most prevalent attack vectors being leveraged by adversaries.
Version 8 of the CSC was released in 2021 and contains a total of 18 controls comprised of 153 safeguards. Controls and Safeguards are organized into 3 maturity levels, called Implementation Groups that help measure an organization’s security posture.
The CSC is industry agnostic, but directly maps to various security standards, including FISMA, HIPPA, and PCI-DSS. In comparison to most regulatory security requirements, the CIS CSC is often more streamlined, straightforward and flexible – making it ideal to use in building a security program.
CyberUp24 provides both consultative implementation and assessment services for the CIS CSC. Our team can help build out and mature an existing program around the CSC or provide independent assessment services to determine existing adherence to it.
Services
Consulting
The CyberUp24 will review your existing infrastructure to determine scoping and applicability of the CSC. We then work with your personnel to develop a tailored approach to the proper tools, technologies and processes that need to be put in place for compliance. We provide documentation showing how compliance has been achieved, including: policies, procedures and control implementation statements.
