SANS Back to Basics: Focus on the First Six CIS Critical Security Controls

Rather than a lack of choices in security solutions, the major problem in cybersecurity is a lack of a defined and repeatable process for selecting, implementing and monitoring the security controls that are most effective against real-world threats. The Center for Internet Security (CIS) Critical Security Controls has proven to be an effective framework for addressing that problem.

The Critical Security Controls are an example of the Pareto Principle at work: 80 percent of the impact comes from 20 percent of the effort. That truism also applies to the Controls themselves: case studies have shown least 85 percent of targeted cyber intrusions can be prevented through proper implementation of the first four Controls.

Download this SANS white paper and learn how implementations of the first CIS Critical Security Controls have proven to deliver a highly effective and efficient level of defense against the majority of real-world attacks and provide the necessary foundation for dealing with more advanced attacks.