The Center for Internet Security (CIS) Critical Security Controls is recognized as a gold standard cybersecurity framework, since being introduced in 2008 by the SANS Institute.
Thousands of security conscious organizations worldwide have adopted the CIS Controls, and the framework has been endorsed by such prominent security industry groups as the National Institute of Standards and Technology (NIST) and European Telecommunications Standards Institute (ETSI), among others.
Showing just how important CIS Controls have become to cybersecurity practitioners, it is the only framework referenced in the renowned Verizon Data Breach Investigations Report. Alongside the discussion of the most common breach types, the report articulates the specific Controls organizations should consider to mitigate those threats.
The CIS Controls continue to be refined, with v8 representing the latest evolution of security best practices built for today’s threat landscape. The 18 Controls are subdivided into 153 Safeguards which provide pragmatic, actionable recommendations for improving an organization’s cybersecurity preparedness.
CIS also provides a useful breakdown of the Safeguards based on three Implementation Groups (IGs), which are aligned with an organization’s level of security maturity and need. While organizations in IG1 “have limited IT and cybersecurity expertise to dedicate towards protecting IT assets and personnel,” those in IG3 have “security experts that specialize in the different facets of cybersecurity” and are subject to regulatory and compliance oversight.
Although the 18 Controls span multiple security models and technologies, organizations that adopt a Zero Trust Network Access (ZTNA) approach can take a giant leap forward in their adoption journey.
The table below examines how ZTNA’s core principles align with the CIS Controls.
The robust network security capabilities built into the Harmony SASE platform enable organizations to accelerate their adoption of the CIS Controls. The platform satisfies more than 35 CIS Controls and Safeguards, in full or partially, as summarized below.
Download our coverage matrix and head over to our CIS Controls page to learn more about how Harmony SASE helps address key controls and safeguards.