The Center for Internet Security (CIS) Top 20 Critical Security Controls, is a prioritized set of best practices created to stop the most pervasive and dangerous threats of today. It was developed by leading security experts from around the world and is refined and validated every year.
As you probably know, simply being compliant is not enough to mitigate probable attacks and protect your critical information. While there’s no silver bullet for security, organizations can reduce chances of compromise by moving from a compliance-driven approach to a risk management approach focused on real world effectiveness. Assessing your security posture against the CIS top 20 critical security controls is a great way build an initial roadmap to help protect your organization from some of the most common attacks.