Top 5 CIS Critical Security Controls

Top 5 Center for Internet Security (CIS) Critical Security Controls

To create a focused security strategy in your organization, you need a strong security framework. When management, IT security and IT support teams work together on a focused security programme built on common processes and a prioritized set of actions, costs go down and responsiveness goes up.

CIS research and case studies show that configuring IT systems in line with the first five CIS Controls can mitigate 80 to 95 percent of the known vulnerabilities that attackers actually exploit.

In particular, the Top 5 CIS Critical Security Controls establish a solid foundation for radically improving an organization’s overall security posture.

1. Inventory of Authorized and Unauthorized Devices  

As per the CIS: “Actively manage (inventory and track) all hardware devices on the network so that only authorized devices are given access, and unauthorized and unmanaged devices are found and prevented from gaining access to any part of the company network.” 
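The practical core of this control is reconciliation: compare what is actually on the network with what the inventory says should be there, and act on the difference. The script below is an added example (not from the original page or from CIS); the authorized-device list and the ARP-table dump are constructed for the example, and the field layout of the dump is an assumption. It shows the one step that is easy to get wrong: MAC addresses must be normalized before comparison, or the same device is reported several times as "unknown" depending on which tool logged it.

```python
import re

# Constructed authorized-device inventory keyed by MAC address (an assumption:
# the organization maintains such a list; these entries are made up for the example).
AUTHORIZED_DEVICES = {
    "00:1a:2b:3c:4d:5e": "finance-laptop-01",
    "00:1a:2b:3c:4d:5f": "print-server-02",
    "a4:5e:60:11:22:33": "core-switch-01",
    "00:50:56:aa:bb:cc": "backup-nas-01",
}

# Constructed ARP-table dump standing in for a network scan. The MAC spellings
# deliberately vary (dash, colon, Cisco dotted) the way real tool output does.
OBSERVED_ARP = """\
192.168.1.10   00-1a-2b-3c-4d-5e   dynamic
192.168.1.11   00:1A:2B:3C:4D:5F   dynamic
192.168.1.50   DE:AD:BE:EF:00:01   dynamic
192.168.1.1    a45e.6011.2233      static
192.168.1.255  ff-ff-ff-ff-ff-ff   static
"""

MAC_HEX = re.compile(r"^[0-9a-f]{12}$")


def normalize_mac(raw):
    """Canonicalize aa-bb-cc-dd-ee-ff / AA:BB:... / aabb.ccdd.eeff to lowercase aa:bb:cc:dd:ee:ff."""
    digits = re.sub(r"[^0-9a-fA-F]", "", raw).lower()
    if not MAC_HEX.match(digits):
        raise ValueError(f"not a MAC address: {raw!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


def parse_arp_table(text):
    """Return {mac: ip} for every entry, dropping the broadcast pseudo-address."""
    seen = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 2:
            continue
        mac = normalize_mac(parts[1])
        if mac == "ff:ff:ff:ff:ff:ff":
            continue
        seen[mac] = parts[0]
    return seen


def reconcile(authorized, observed):
    """Split observed devices into authorized/unauthorized and list inventory entries not seen."""
    unauthorized = {mac: ip for mac, ip in observed.items() if mac not in authorized}
    known = {mac: ip for mac, ip in observed.items() if mac in authorized}
    missing = sorted(set(authorized) - set(observed))
    return unauthorized, known, missing


def report(authorized=AUTHORIZED_DEVICES, arp_text=OBSERVED_ARP):
    """Human-readable reconciliation: unauthorized devices first, since those need action."""
    unauthorized, known, missing = reconcile(authorized, parse_arp_table(arp_text))
    lines = [f"UNAUTHORIZED  {ip:<15} {mac}  quarantine and investigate"
             for mac, ip in sorted(unauthorized.items())]
    lines += [f"ok            {ip:<15} {mac}  {authorized[mac]}"
              for mac, ip in sorted(known.items())]
    lines += [f"NOT SEEN      {'':<15} {mac}  {authorized[mac]} (offline, or stale inventory)"
              for mac in missing]
    return lines


if __name__ == "__main__":
    print("\n".join(report()))
```

The "NOT SEEN" category matters as much as the unauthorized one: an inventory that lists devices nobody can find is not being actively managed, and it is the stale entries that unauthorized devices later hide behind.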

2. Inventory of Authorized and Unauthorized Software  

As above, but for software: unlicensed or pirated software could have a back door or malware built in and could be active on your network right now. “Actively manage (inventory, track, and fix) all software on the network so that only authorized software is installed and can execute, and that unauthorized and unmanaged software is found, un-installed and prevented from future installation or execution.”

Panda Adaptive Defense 360, for example, enforces an application whitelist: an unknown application is blocked from running on any endpoint until it has been classified against a large reputation database or approved manually.
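Whitelisting by file name or vendor is weak, because anything can be renamed; whitelisting by cryptographic hash is what makes "only authorized software can execute" enforceable. The code below is an added example written for this page (it is not Panda's implementation or any product's code). It builds three constructed "binaries" in a temporary directory and applies a default-deny policy: approved hashes run, everything else is blocked and queued for review, and a tampered copy of an approved program is still blocked because its hash no longer matches.

```python
import hashlib
import os
import tempfile


def sha256_of(path):
    """Stream the file through SHA-256 so large binaries do not have to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


class AllowlistPolicy:
    """Default-deny execution policy: unknown code is blocked until someone approves its hash."""

    def __init__(self, approved_hashes):
        self.approved = set(approved_hashes)
        self.pending = {}  # digest -> path, awaiting manual review

    def decide(self, path):
        digest = sha256_of(path)
        if digest in self.approved:
            return "ALLOW", digest
        self.pending[digest] = path
        return "BLOCK", digest

    def approve(self, digest):
        """Manual review outcome: this exact build is now authorized."""
        self.approved.add(digest)
        self.pending.pop(digest, None)


def build_demo(tmpdir):
    """Write constructed stand-in executables (byte strings, not real binaries)."""
    files = {
        "approved-app.exe": b"MZ approved build 1.0",
        "unknown-tool.exe": b"MZ something nobody has vetted yet",
        "tampered-app.exe": b"MZ approved build 1.0 + injected payload",
    }
    paths = {}
    for name, content in files.items():
        p = os.path.join(tmpdir, name)
        with open(p, "wb") as f:
            f.write(content)
        paths[name] = p
    return paths


def run_demo():
    """Return the allow/block decisions before and after the unknown tool is approved."""
    with tempfile.TemporaryDirectory() as tmpdir:
        paths = build_demo(tmpdir)
        # Only the known-good build is on the allowlist to start with.
        policy = AllowlistPolicy([sha256_of(paths["approved-app.exe"])])
        before = {name: policy.decide(p)[0] for name, p in paths.items()}
        pending_count = len(policy.pending)
        # Simulate the manual review approving the unknown tool, then re-check.
        policy.approve(sha256_of(paths["unknown-tool.exe"]))
        after = {name: policy.decide(p)[0] for name, p in paths.items()}
        return before, after, pending_count


if __name__ == "__main__":
    before, after, pending = run_demo()
    print("before review:", before, f"({pending} pending)")
    print("after review: ", after)
```

The tampered copy is the point of the example: a name-based rule would have let it run because it is still called `approved-app.exe`; the hash rule does not care what it is called.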

3. Secure Configuration for Hardware and Software  

“Establish, implement, and actively manage (track, report on, fix) the security configuration of laptops, servers, and workstations using a rigorous configuration management and change control process in order to prevent attackers from exploiting vulnerable services and settings. (As delivered by manufacturers where the default configurations for operating systems and applications are normally geared to ease-of-deployment and ease-of-use and not security.)” 

In practice this includes full-disk encryption for laptops, email encryption, timely security updates and anti-virus, and it also means removing or locking down the vendor defaults the quote warns about: unneeded services, default accounts and permissive settings.
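"Track, report on, fix" only works if the secure configuration is written down as a checkable baseline and the deployed configuration is compared against it continuously. The script below is an added example (not from the page or from CIS) using an OpenSSH `sshd_config` as the target. The baseline values and the sample shipped config are constructed assumptions chosen to mirror common hardening guidance; the point is the mechanism, not those particular values. It handles two traps: a commented-out directive means "daemon default", not "set", and settings inside a `Match` block silently override the global ones for some users.

```python
# Constructed baseline: the settings the organization's hardening standard requires
# (an assumption standing in for whatever your own standard says).
BASELINE = {
    "PermitRootLogin": "no",
    "PasswordAuthentication": "no",
    "X11Forwarding": "no",
    "MaxAuthTries": "4",
    "LogLevel": "VERBOSE",
}

# Constructed sshd_config as it might ship: defaults geared to ease of use.
SHIPPED_CONFIG = """\
# Default sshd_config (constructed sample)
#PermitRootLogin prohibit-password
PasswordAuthentication yes
X11Forwarding yes
#MaxAuthTries 6
Match User backup
    PasswordAuthentication yes
"""


def parse_sshd_config(text):
    """Return (global_settings, scoped_settings).

    Commented-out lines are skipped, so the daemon default applies to them.
    Directives after a 'Match' line apply only to that scope and are collected
    separately as (match_spec, key, value) so they can be audited too.
    """
    global_settings, scoped = {}, []
    current_match = None
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        key, _, value = line.partition(" ")
        value = value.strip()
        if key.lower() == "match":
            current_match = value
            continue
        if current_match is None:
            global_settings[key] = value
        else:
            scoped.append((current_match, key, value))
    return global_settings, scoped


def check_drift(config_text, baseline=BASELINE):
    """List (setting, actual, required) for every baseline item that is absent or differs."""
    actual, scoped = parse_sshd_config(config_text)
    findings = []
    for key, required in baseline.items():
        got = actual.get(key)
        if got is None:
            findings.append((key, "unset (daemon default)", required))
        elif got.lower() != required.lower():
            findings.append((key, got, required))
    # A Match block can quietly re-enable what the global section disabled.
    for spec, key, value in scoped:
        if key in baseline and value.lower() != baseline[key].lower():
            findings.append((f"{key} [Match {spec}]", value, baseline[key]))
    return findings


def apply_baseline(config_text, baseline=BASELINE):
    """Pin every baseline key in the global section; leave Match blocks for human review."""
    lines = config_text.splitlines()
    global_part, match_part = lines, []
    for i, line in enumerate(lines):
        if line.strip().lower().startswith("match "):
            global_part, match_part = lines[:i], lines[i:]
            break
    kept = []
    for line in global_part:
        key = line.strip().lstrip("#").split(" ", 1)[0]
        if key in baseline:  # drop both live and commented-out copies
            continue
        kept.append(line)
    pinned = [f"{k} {v}" for k, v in baseline.items()]
    return "\n".join(kept + pinned + match_part) + "\n"


if __name__ == "__main__":
    for setting, actual, required in check_drift(SHIPPED_CONFIG):
        print(f"DRIFT  {setting:<45} is {actual!r}, baseline requires {required!r}")
    print("--- after apply_baseline, remaining findings:")
    print(check_drift(apply_baseline(SHIPPED_CONFIG)))
```

`apply_baseline` deliberately does not touch the `Match` block: a scoped exception may be a legitimate, approved deviation or a quiet backdoor, and that decision belongs in the change-control process the control describes, not in an automated rewrite.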

4. Continuous Vulnerability Assessment and Remediation

“Continuously acquire, assess, and take action on new information in order to identify vulnerabilities, resolve, and minimize the window of opportunity for attackers.” You cannot do one security audit at the beginning of the year and then forget about it. New vulnerabilities and threats appear every day, so systems must be scanned continuously, and findings must be tracked until they are fixed or the defences are adjusted.
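The "window of opportunity" in the quote is measurable: it is the time between a vulnerability being found and it being fixed, and the control is only working if that window is tracked against a deadline. The script below is an added example (not from the page or from CIS). The scanner export and the per-severity remediation SLAs are constructed assumptions; real scanners export different columns and your policy sets its own deadlines. It triages open findings by how far past their deadline they are, so the most-overdue item is always at the top regardless of when the scan ran.

```python
from datetime import date, timedelta

# Constructed remediation SLAs in days per severity (an assumption; use your policy's).
SLA_DAYS = {"critical": 7, "high": 14, "medium": 30, "low": 90}

# Constructed scanner export: host, finding, severity, date first seen, status.
SCAN_EXPORT = """\
host,finding,severity,first_seen,status
web-01,outdated-openssl,critical,2024-05-01,open
web-01,weak-tls-cipher,medium,2024-04-20,open
db-02,default-admin-credentials,high,2024-04-25,open
db-02,missing-os-patch,high,2024-04-25,fixed
file-03,smbv1-enabled,medium,2024-03-01,risk-accepted
"""

SEVERITY_ORDER = ["critical", "high", "medium", "low"]


def parse_export(text):
    """Parse the CSV export into dicts, converting first_seen to a date."""
    lines = text.strip().splitlines()
    header = lines[0].split(",")
    rows = []
    for line in lines[1:]:
        row = dict(zip(header, line.split(",")))
        row["first_seen"] = date.fromisoformat(row["first_seen"])
        rows.append(row)
    return rows


def triage(rows, today, sla=SLA_DAYS):
    """Open findings with a deadline and days_left (negative means the SLA is breached),
    sorted most-overdue first, ties broken by severity."""
    out = []
    for r in rows:
        if r["status"] != "open":
            continue  # fixed or formally risk-accepted items are off the clock
        deadline = r["first_seen"] + timedelta(days=sla[r["severity"]])
        out.append({**r, "deadline": deadline, "days_left": (deadline - today).days})
    out.sort(key=lambda r: (r["days_left"], SEVERITY_ORDER.index(r["severity"])))
    return out


def sla_summary(rows, today, sla=SLA_DAYS):
    """Counts a manager can act on: open items, breached items, and the worst breach in days."""
    open_items = triage(rows, today, sla)
    breached = [r for r in open_items if r["days_left"] < 0]
    return {
        "open": len(open_items),
        "breached": len(breached),
        "oldest_breach_days": max((-r["days_left"] for r in breached), default=0),
    }


def run_demo(today_iso="2024-05-12"):
    """Triage the constructed export as of the given ISO date."""
    today = date.fromisoformat(today_iso)
    rows = parse_export(SCAN_EXPORT)
    ordered = [(r["host"], r["finding"], r["days_left"]) for r in triage(rows, today)]
    return ordered, sla_summary(rows, today)


if __name__ == "__main__":
    ordered, summary = run_demo()
    for host, finding, days_left in ordered:
        state = f"{-days_left} days OVERDUE" if days_left < 0 else f"{days_left} days left"
        print(f"{host:<8} {finding:<28} {state}")
    print(summary)
```

Run the same export on two different dates and the ordering changes as deadlines pass; that is exactly the "continuous" part of the control, and it is why a scan result without a first-seen date is not worth much.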

5. Controlled Use of Administrative Privileges  

“The misuse of administrative privileges is a primary method for attackers to spread inside a target enterprise.” Provide processes and tools “to track/control/prevent/correct the use, assignment, and configuration of administrative privileges on computers, networks, and applications.” 

In large networks, there should not be a single user who can access everything on the entire network. Key, critical areas need to be segregated, with separate administrative accounts for each.

Administrative privileges should be granted only to authorised users who genuinely need them, and only for the parts of the system they need; everyone else should run with standard, limited privileges.
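On Unix-like hosts "who can act as an administrator" is the union of admin-group membership and sudoers rules, and the two are routinely out of step with the approved list. The script below is an added example (not from the page or from CIS) that audits both against an approved-administrator list; the `/etc/group` excerpt, the sudoers excerpt and the approved list are constructed for the example, and the sudoers parser handles only the plain `user/%group HOST=(runas) [NOPASSWD:] commands` form, not aliases or includes. It distinguishes a scoped grant (a backup account allowed to run two commands) from unrestricted root, and flags `NOPASSWD: ALL` separately because it removes the one remaining check on a stolen session.

```python
import re

# Constructed approved administrators and the scope each is allowed (an assumption).
APPROVED_ADMINS = {
    "alice": "all",       # full root on this host class
    "backup": "limited",  # specific commands only
}
ADMIN_GROUPS = {"wheel", "sudo"}

# Constructed /etc/group excerpt.
GROUP_FILE = """\
root:x:0:
wheel:x:10:alice,bob
sudo:x:27:carol
users:x:100:alice,bob,carol,dave
"""

# Constructed sudoers excerpt.
SUDOERS = """\
Defaults    env_reset
root    ALL=(ALL:ALL) ALL
%wheel  ALL=(ALL) ALL
%sudo   ALL=(ALL:ALL) ALL
backup  ALL=(root) NOPASSWD: /usr/bin/rsync, /usr/bin/tar
dave    ALL=(ALL) NOPASSWD: ALL
"""

SUDO_RULE = re.compile(
    r"^(?P<who>\S+)\s+\S+=\((?P<runas>[^)]*)\)\s*(?P<tags>(?:\w+:\s*)*)(?P<cmds>.+)$"
)


def parse_groups(text):
    """Return {group: set(members)} from /etc/group lines."""
    groups = {}
    for line in text.splitlines():
        name, _, _, members = line.split(":")
        groups[name] = {m for m in members.split(",") if m}
    return groups


def parse_sudoers(text):
    """Return a list of rule dicts for the simple rule form; Defaults and comments are skipped."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or line.startswith("Defaults"):
            continue
        m = SUDO_RULE.match(line)
        if not m:
            continue
        rules.append({
            "who": m["who"],
            "runas": m["runas"],
            "nopasswd": "NOPASSWD" in m["tags"],
            "cmds": [c.strip() for c in m["cmds"].split(",")],
        })
    return rules


def audit(groups, rules, approved=APPROVED_ADMINS, admin_groups=ADMIN_GROUPS):
    """Return (account, reason) findings where effective admin rights exceed what is approved."""
    findings = []
    full_root, passwordless = set(), set()
    for r in rules:
        # Expand %group rules to the accounts that actually hold the right.
        members = groups.get(r["who"][1:], set()) if r["who"].startswith("%") else {r["who"]}
        if r["cmds"] == ["ALL"]:
            full_root |= members
            if r["nopasswd"]:
                passwordless |= members
    for user in sorted(full_root - {"root"}):
        if approved.get(user) != "all":
            findings.append((user, "unrestricted root via sudo, not an approved full administrator"))
    for user in sorted(passwordless - {"root"}):
        findings.append((user, "NOPASSWD ALL: root without re-authentication"))
    for user in sorted({u for g in admin_groups for u in groups.get(g, set())}):
        if user not in approved:
            findings.append((user, "member of an administrative group without approval"))
    return findings


if __name__ == "__main__":
    for account, reason in audit(parse_groups(GROUP_FILE), parse_sudoers(SUDOERS)):
        print(f"{account:<8} {reason}")
```

`backup` produces no finding even though it is in sudoers: a grant limited to two commands for a named purpose is what "controlled use" looks like, whereas `%wheel ALL=(ALL) ALL` quietly turns every future group addition into a new full administrator.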

If you have any questions or feedback, please get in touch with us.
