CIS Critical Security Controls for Effective Cyber Defense

As technology has spread, the risk of threats and the number of cybercrimes have increased with it. According to a cybercrime report, there is a hacker attack every 39 seconds.

The cost to businesses is just as striking: in 2018, the total global cost of cybercrime added up to over one trillion dollars.

Much of this cost comes down to minor details that people miss in security; each such detail becomes a significant loophole that makes a breach easier.

Everything points to the same conclusion: the people committing cybercrime are more organized, better prepared, and more collaborative than the people trying to protect systems.

A security breach causes many problems. Common ones are leakage and loss of data, and sometimes the permanent disabling of the system. In the current era of technology, no data stays hidden from an attacker willing to cross every limit, but that does not mean we cannot protect ourselves.

Organizing a strong line of defense is the best option available, and protecting the parts most prone to attack plays a significant role in it. This protection can be achieved by following the top 'CIS Critical Security Controls' guidelines.

Top 20 ‘CIS Critical Security Controls’ Guidelines

The ‘CIS Critical Security Controls for Effective Cyber Defense’ is a prioritized set of recommended actions that together form a line of defense against cybercrime. A community of IT experts with firsthand experience of defending against the most severe attacks developed these controls to prevent cybercrime.

The guidelines apply to a wide range of sectors, including retail, manufacturing, education, defense, and others.

1) Inventory and Control of Hardware Assets

Actively manage every hardware device that requests to connect to the network: grant access only to authorized devices and block all others.

2) Inventory and Control of Software Assets

Actively manage all software present on the network so that only authorized software can be installed and executed; everything else is blocked from installation or execution.
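Controls 1 and 2 both reduce to the same defender's routine: keep an authorized inventory, compare what is actually seen on the network against it, and act on the difference. The following is an added example of that reconciliation, not code from the article or from CIS; the inventory, the observed devices and the package list are all constructed sample data, and the MAC addresses, host names and versions are placeholders.

```python
"""Reconcile observed hardware and software against an authorized inventory.

Added example for Controls 1 and 2; every record below is constructed, not
taken from a real network or from the CIS documents.
"""

# Authorized hardware inventory, keyed by MAC address (constructed).
AUTHORIZED_HARDWARE = {
    "aa:bb:cc:00:00:01": "fileserver-01",
    "aa:bb:cc:00:00:02": "workstation-07",
    "aa:bb:cc:00:00:03": "printer-hq-2",
}

# Devices actually seen on the network, as a DHCP lease or ARP export
# might report them (constructed).
OBSERVED_HARDWARE = [
    {"mac": "AA:BB:CC:00:00:01", "ip": "10.0.0.10"},
    {"mac": "aa:bb:cc:00:00:02", "ip": "10.0.0.42"},
    {"mac": "de:ad:be:ef:00:01", "ip": "10.0.0.99"},  # not in the inventory
]

# Software allowlist: package name -> approved versions (constructed).
SOFTWARE_ALLOWLIST = {
    "openssh-server": {"8.9p1", "9.3p1"},
    "nginx": {"1.24.0"},
}

# Packages reported by one host (constructed).
OBSERVED_SOFTWARE = [
    ("openssh-server", "9.3p1"),
    ("nginx", "1.18.0"),             # approved product, unapproved version
    ("netcat-traditional", "1.10"),  # not on the allowlist at all
]


def find_unauthorized_hardware(observed, authorized):
    """Devices on the network whose MAC is absent from the inventory.

    MACs are normalized to lower case so that formatting differences
    between the inventory and the network export do not hide a match.
    """
    return [d for d in observed if d["mac"].lower() not in authorized]


def find_missing_hardware(observed, authorized):
    """Inventoried devices not seen on the network: offline, moved, or removed."""
    seen = {d["mac"].lower() for d in observed}
    return sorted(name for mac, name in authorized.items() if mac not in seen)


def classify_software(observed, allowlist):
    """Bucket each observed package as allowed, unapproved version, or unknown."""
    result = {"allowed": [], "unapproved_version": [], "unknown": []}
    for name, version in observed:
        if name not in allowlist:
            result["unknown"].append((name, version))
        elif version not in allowlist[name]:
            result["unapproved_version"].append((name, version))
        else:
            result["allowed"].append((name, version))
    return result


if __name__ == "__main__":
    for d in find_unauthorized_hardware(OBSERVED_HARDWARE, AUTHORIZED_HARDWARE):
        print(f"unauthorized device {d['mac']} at {d['ip']}")
    for name in find_missing_hardware(OBSERVED_HARDWARE, AUTHORIZED_HARDWARE):
        print(f"inventoried device not seen: {name}")
    for bucket, items in classify_software(OBSERVED_SOFTWARE, SOFTWARE_ALLOWLIST).items():
        for name, version in items:
            print(f"{bucket}: {name} {version}")
```

The point of the three buckets in classify_software is that an approved product at an unapproved version is a different finding from a package nobody approved at all: the first is a patching or change-control question, the second is something that should not be executing. Both directions of the hardware comparison matter too, since an inventoried device that has silently disappeared is as much an inventory failure as an unknown one that has appeared.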

3) Continuous Vulnerability Management

Continuously acquire, assess, and act on new vulnerability information so that the window of opportunity for an attack is kept as small as possible.
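The "window" this control talks about can be measured: for every installed package that an advisory says is fixed only in a later version, count the days since the advisory was published and rank the result by severity. Below is an added example of that calculation, not code from the article or from CIS. The installed versions and the advisory feed are constructed, and the advisory identifiers (ADV-EXAMPLE-…) are placeholders rather than real CVE numbers.

```python
"""Rank unpatched packages by severity and days of exposure.

Added example for Control 3. Hosts, versions and the advisory feed are all
constructed sample data; the ADV-EXAMPLE ids are placeholders, not real CVEs.
"""
import re
from datetime import date

# What is installed where (constructed).
INSTALLED = {
    "web-01": {"nginx": "1.18.0", "openssh-server": "9.3p1"},
    "db-01": {"postgresql": "14.2"},
}

# Advisory feed: package, first fixed version, severity, publication date (constructed).
ADVISORIES = [
    {"id": "ADV-EXAMPLE-001", "package": "nginx", "fixed_in": "1.24.0",
     "severity": "high", "published": date(2024, 1, 15)},
    {"id": "ADV-EXAMPLE-002", "package": "postgresql", "fixed_in": "14.5",
     "severity": "critical", "published": date(2024, 2, 20)},
    {"id": "ADV-EXAMPLE-003", "package": "openssh-server", "fixed_in": "9.0p1",
     "severity": "medium", "published": date(2023, 6, 1)},
]

SEVERITY_RANK = {"critical": 0, "high": 1, "medium": 2, "low": 3}


def version_key(version):
    """Turn a version such as '9.3p1' into a tuple comparable with '9.0p1' or '1.24.0'.

    Numeric tokens compare as integers, alphabetic tokens as strings; the
    (0, ...) / (1, ...) tags keep ints and strs from ever being compared directly.
    """
    return tuple(
        (0, int(token)) if token.isdigit() else (1, token)
        for token in re.findall(r"\d+|[A-Za-z]+", version)
    )


def is_vulnerable(installed, fixed_in):
    """True when the installed version is older than the first fixed version."""
    return version_key(installed) < version_key(fixed_in)


def exposure_report(installed, advisories, today):
    """List every (host, package) still below its fixed version, most urgent first."""
    findings = []
    for host, packages in installed.items():
        for adv in advisories:
            version = packages.get(adv["package"])
            if version is None or not is_vulnerable(version, adv["fixed_in"]):
                continue
            findings.append({
                "host": host,
                "package": adv["package"],
                "installed": version,
                "fixed_in": adv["fixed_in"],
                "advisory": adv["id"],
                "severity": adv["severity"],
                "days_exposed": (today - adv["published"]).days,
            })
    # Highest severity first; within a severity, the longest-open exposure first.
    findings.sort(key=lambda f: (SEVERITY_RANK[f["severity"]], -f["days_exposed"]))
    return findings


if __name__ == "__main__":
    for f in exposure_report(INSTALLED, ADVISORIES, date(2024, 3, 1)):
        print(f"{f['severity']:8} {f['host']:7} {f['package']} {f['installed']} "
              f"-> {f['fixed_in']} ({f['advisory']}, open {f['days_exposed']} days)")
```

Note that the host running openssh-server 9.3p1 is correctly left out even though an older advisory exists for that package, because the installed version is already past the fix. The date is passed in rather than read from the clock so that the report is reproducible for a given scan.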

4) Controlled Use of Administrative Privileges

Control the assignment and use of administrative privileges on tools and applications to prevent a grave breach of the system, and keep track of the mechanisms and services that hold those privileges.

5) Secure Configuration for Hardware and Software on various devices, workstations, and servers

Establish and actively manage (track, report on, and correct) the security configuration of every device, workstation, and server using a configuration management service, and maintain a rigorous change control process so that attackers cannot access or exploit exposed services and settings.

6) Maintenance, Monitoring, and Analysis of Audit Logs

Collect, manage, and analyze audit logs of all events that can help in understanding, detecting, and preventing threats.
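Collected logs only pay off when something actually reads them. As an added illustration of the "analyze" part of this control, the code below parses SSH authentication events and raises an alert when one source accumulates several failed logins inside a short window, which is the classic sign of password guessing. This is example code written for this article, not from CIS or from the original post; the log lines are constructed, and the addresses in them come from documentation ranges.

```python
"""Detect repeated failed logins in audit log lines.

Added example for Control 6. The log lines are constructed in sshd's
format; none of them come from a real system.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

SAMPLE_LOG = """\
2024-03-01T10:00:01 host1 sshd[2001]: Failed password for invalid user admin from 198.51.100.7 port 50012 ssh2
2024-03-01T10:00:03 host1 sshd[2001]: Failed password for root from 198.51.100.7 port 50013 ssh2
2024-03-01T10:00:04 host1 sshd[2001]: Failed password for root from 198.51.100.7 port 50014 ssh2
2024-03-01T10:00:06 host1 sshd[2001]: Failed password for root from 198.51.100.7 port 50015 ssh2
2024-03-01T10:00:08 host1 sshd[2001]: Failed password for root from 198.51.100.7 port 50016 ssh2
2024-03-01T10:00:09 host1 sshd[2002]: Accepted publickey for deploy from 192.0.2.10 port 40000 ssh2
2024-03-01T10:05:00 host1 sshd[2003]: Failed password for alice from 192.0.2.20 port 40101 ssh2
2024-03-01T10:20:00 host1 sshd[2003]: Failed password for alice from 192.0.2.20 port 40102 ssh2
"""

# One regex for both outcomes; "invalid user" is optional because sshd only
# prints it when the account does not exist.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<outcome>Failed|Accepted) (?P<method>\w+) for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<src>\S+) port \d+"
)


def parse_line(line):
    """Return a dict of fields for an auth line, or None if it is not one."""
    m = LINE_RE.match(line)
    if not m:
        return None
    event = m.groupdict()
    event["ts"] = datetime.fromisoformat(event["ts"])
    return event


def detect_bruteforce(log_text, threshold=5, window=timedelta(minutes=1)):
    """Sources with at least `threshold` failures inside any `window`-long span.

    Returns {source_ip: peak_failures_in_window}. A sliding window is used so
    that two slow failures fifteen minutes apart never add up to an alert.
    """
    failures = defaultdict(list)
    for line in log_text.splitlines():
        event = parse_line(line)
        if event and event["outcome"] == "Failed":
            failures[event["src"]].append(event["ts"])

    alerts = {}
    for src, times in failures.items():
        times.sort()
        start = 0
        for end in range(len(times)):
            while times[end] - times[start] > window:
                start += 1
            count = end - start + 1
            if count >= threshold:
                alerts[src] = max(alerts.get(src, 0), count)
    return alerts


if __name__ == "__main__":
    for src, count in detect_bruteforce(SAMPLE_LOG).items():
        print(f"ALERT {src}: {count} failed logins within one minute")
```

In the sample, 198.51.100.7 produces five failures in seven seconds and is reported; 192.0.2.20 fails twice fifteen minutes apart and is not, which is the behaviour you want from a threshold that is meant to separate a forgotten password from a guessing attempt. Threshold and window are parameters because the right values depend on the service and on how much noise your environment normally produces.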

7) Email and Web Browser Protections

Minimize the opportunities attackers have to manipulate users' behavior through their email and web browsing activity.

8) Malware Defenses

Control the installation and execution of software so that malware cannot take hold in the system, and take appropriate corrective action according to the threat.

9) Limitation and Control of Network Ports, Protocols and Services

Track and control the network ports, protocols, and services in use so that attackers have as few externally reachable entry points into the system as possible.
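In practice this control is a baseline plus a diff: each host has an approved set of listening services, and anything listening that is not on that list, or the right port served by the wrong program, or an approved service that has gone missing, is a finding. The following added example performs that comparison; it is not code from the article or from CIS. The baseline and the observed listener table are constructed, and the table's "host proto address process" format is an assumption standing in for whatever your scanner or ss/netstat export produces.

```python
"""Compare listening services on each host against an approved baseline.

Added example for Control 9. Baseline and observed data are constructed;
the simple "host proto addr process" export format is an assumption.
"""
from collections import defaultdict

# Approved listeners per host: (protocol, port) -> expected process (constructed).
BASELINE = {
    "web-01": {("tcp", 22): "sshd", ("tcp", 443): "nginx"},
    "db-01": {("tcp", 22): "sshd", ("tcp", 5432): "postgres"},
}

# What a scan or a per-host listener export actually reported (constructed).
OBSERVED_TEXT = """\
web-01 tcp 0.0.0.0:22 sshd
web-01 tcp 0.0.0.0:80 nginx
web-01 tcp 0.0.0.0:443 nginx
web-01 udp 0.0.0.0:5353 avahi-daemon
db-01 tcp 0.0.0.0:22 sshd
"""


def parse_listeners(text):
    """Parse 'host proto addr:port process' lines into {host: {(proto, port): process}}."""
    listeners = defaultdict(dict)
    for line in text.splitlines():
        if not line.strip():
            continue
        host, proto, addr, proc = line.split()
        port = int(addr.rsplit(":", 1)[1])   # rsplit keeps IPv6 literals intact
        listeners[host][(proto, port)] = proc
    return dict(listeners)


def compare_to_baseline(observed, baseline):
    """Return (host, finding, (proto, port), process) tuples for every deviation.

    unexpected_listener: something is listening that the baseline does not allow
    unexpected_process:  an approved port is served by a different program
    missing_service:     an approved service is not listening at all
    """
    findings = []
    for host, services in observed.items():
        expected = baseline.get(host, {})
        for key, proc in services.items():
            if key not in expected:
                findings.append((host, "unexpected_listener", key, proc))
            elif expected[key] != proc:
                findings.append((host, "unexpected_process", key, proc))
        for key, proc in expected.items():
            if key not in services:
                findings.append((host, "missing_service", key, proc))
    return findings


if __name__ == "__main__":
    for host, finding, (proto, port), proc in compare_to_baseline(
            parse_listeners(OBSERVED_TEXT), BASELINE):
        print(f"{host}: {finding} {proto}/{port} ({proc})")
```

The unexpected listeners on web-01 (plain HTTP on 80 and mDNS on 5353) are exactly the kind of quietly enabled defaults this control exists to catch, while the missing PostgreSQL listener on db-01 shows why the comparison must run in both directions: an outage or a tampered service is also a deviation from the approved state.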

10) Data Recovery Capabilities

The tools and processes used to back up critical data adequately and to recover it properly and in time.

11) Secure Configuration for Network Devices such as Firewalls, Routers, and Switches

Establish and actively manage (track, report on, and correct) the security configuration of network devices so that attackers cannot exploit vulnerable settings to reach the network from outside, and have proper measures in place for when such a weakness is found.

12) Boundary Defense

Detect, record, and analyze traffic crossing the network boundary and alert on any threat from the outside. Boundary defense is the first line of defense: it watches traffic between networks of differing trust levels for any untrusted service attempting to breach the system's data.

13) Data Protection

The tools and services used to prevent data leakage and to maintain data privacy and data integrity.

14) Controlled Access Based on the Need to Know

Control access to data across all networks so that a person reaching it from another network can access only the data they need to know; access to any additional information is denied.

15) Wireless Access Control

The tools and services that control wireless connections on the premises as well as on any wireless client system.

16) Account Monitoring and Control

Actively manage the complete life cycle of accounts (creation, use, and deletion) so that an attacker cannot take over a stale or unowned account to gain access to information.
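Managing the account life cycle means periodically reviewing the account store against an authoritative source of who still works here, and against login activity. The added example below does such a review; it is not code from the article or from CIS. The accounts, the HR roster and the review date are constructed, and the group name "admins" marking privileged accounts is an assumption.

```python
"""Periodic account review: orphaned, unowned and dormant accounts.

Added example for Control 16. Accounts, roster and dates are constructed;
the "admins" group as the marker of privileged accounts is an assumption.
"""
from datetime import date

# Export from the directory or identity provider (constructed).
ACCOUNTS = [
    {"user": "alice", "owner": "alice@example.com", "enabled": True,
     "last_login": date(2024, 2, 20), "groups": ["staff"]},
    {"user": "bob", "owner": "bob@example.com", "enabled": True,
     "last_login": date(2023, 10, 1), "groups": ["staff", "admins"]},
    {"user": "carol", "owner": "carol@example.com", "enabled": True,
     "last_login": date(2024, 2, 28), "groups": ["staff"]},
    {"user": "svc-backup", "owner": None, "enabled": True,
     "last_login": date(2024, 2, 29), "groups": ["backup"]},
    {"user": "dave", "owner": "dave@example.com", "enabled": False,
     "last_login": date(2023, 1, 5), "groups": ["staff"]},
]

# Authoritative list of current people, e.g. from HR (constructed; carol has left).
HR_ROSTER = {"alice@example.com", "bob@example.com", "dave@example.com"}


def review_accounts(accounts, roster, today, dormant_days=90):
    """Return (user, reason) pairs for enabled accounts that need attention.

    orphaned:            owner is no longer on the roster -> disable now
    no_owner:            nobody is accountable for the account
    dormant:             no login for more than dormant_days
    dormant_privileged:  the same, but the account holds admin rights
    """
    findings = []
    for acct in accounts:
        if not acct["enabled"]:
            continue  # already disabled; deletion is a separate, later step
        if acct["owner"] is None:
            findings.append((acct["user"], "no_owner"))
        elif acct["owner"] not in roster:
            findings.append((acct["user"], "orphaned"))
        last = acct["last_login"]
        if last is None or (today - last).days > dormant_days:
            privileged = "admins" in acct["groups"]
            findings.append((acct["user"], "dormant_privileged" if privileged else "dormant"))
    return findings


if __name__ == "__main__":
    for user, reason in review_accounts(ACCOUNTS, HR_ROSTER, date(2024, 3, 1)):
        print(f"{user}: {reason}")
```

Two design choices are worth noting. The review date is an argument, not the current clock, so a report can be re-run and audited later. And a dormant account that also carries administrative rights is reported under its own label, because an unused privileged account is a far more attractive target than an unused ordinary one and should be handled first.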

17) Implement a Security Awareness and Training Program

For every role in the organization, identify the specific knowledge and skills needed to strengthen the line of defense, and build a program to teach and assess them. Such a program also helps people recognize the small loopholes that can turn into a disaster later.

18) Application Software Security

Prevent, detect, and correct security weaknesses in any type of in-house application by managing the security life cycle of the application.

19) Incident Response and Management

Develop and implement an incident response infrastructure so that an attack is discovered quickly, appropriate action is taken, and the threat is removed from the system as soon as possible.

20) Penetration Tests and Red Team Exercises

Test the overall strength of the system's defenses by running an authorized exercise against its security. Such a test identifies the system's vulnerabilities as well as the effectiveness of the security measures already taken.

Final Verdict

The ‘CIS Critical Security Controls’ guidelines are already beginning to revolutionize the world of cybersecurity for many governments as well as private organizations.

They consist of straightforward methods that focus on basic controls, blocking today's attacks efficiently while also protecting the network against more significant attacks in the future.

The controls were agreed upon by a powerful consortium including organizations such as the NSA, the DoD, US-CERT, and the Department of Energy nuclear laboratories, and other top forensic organizations and significant communities already rely on them. So it is now up to you to make your network more secure.


Published on Jan 31, 2020
Written by Subho Halder
Subho Halder is the CISO and Co-Founder of Appknox. He started his career researching mobile security. Currently, he helps businesses detect and fix security vulnerabilities. He has also found critical loopholes in companies such as Google, Facebook, and Apple.