The Center for Internet Security (CIS) officially launched version 8 of the CIS Controls In May 2021. This release represents a comprehensive revision of the CIS Controls (v7) and contains updated and simplified guidelines to help defend organisation's security posture.
The CIS controls are a great way to adopt the industry best practices for data security and a great way to begin to prepare for other compliance efforts that may be in the pipeline for your organisation.
The new CIS 18 controls are:-
- Inventory and Control of Enterprise Assets
- Inventory and Control of Software Assets
- Data Protection
- Secure Configuration of Enterprise Assets and Software
- Account Management
- Access Control Management
- Continuous Vulnerability Management
- Audit Log Management
- Email and Web Browser Protections
- Malware Defenses
- Data Recovery
- Network Infrastructure Management
- Network Monitoring and Defense
- Security Awareness and Skills Training
- Service Provider Management
- Application Software Security
- Incident Response Management
- Penetration Testing
