Cyber threats are becoming increasingly sophisticated and frequent, and no organization—big or small—is exempt from the risk of an attack. This makes it essential to have robust security measures in place.
Developed by the Center for Internet Security (CIS), CIS18 represents a comprehensive and structured approach to cybersecurity. The framework consists of 18 controls and benchmarks designed to protect organizations from the most common and dangerous security threats.
What is CIS18?
CIS18, also known as the Center for Internet Security’s 18 Controls, is a framework of specific security controls developed to enhance cybersecurity in organizations worldwide. These controls are based on expertise and experience from various sectors and are designed to address a wide range of security threats.
The framework provides organizations with a systematic and effective method to improve their security measures and reduce the risk of cyberattacks. It includes detailed guidance on identifying, prioritizing, and implementing security measures to protect organizational data and systems.
Why Is CIS18 Important?
CIS18 is relevant to many organizations as it offers a structured method for defending against the most common and severe cybersecurity threats.
By following the controls and benchmarks in CIS18, organizations can mitigate the risk of cyberattacks, data loss, and other security-related incidents. The framework is based on best practices from cybersecurity experts and is continuously updated to address emerging threats, while providing a proven and systematic approach to security.
Key benefits of implementing CIS18:
1) Structured protection against cyber threats
CIS18 offers a systematic method to defend against the most widespread and dangerous cybersecurity threats. It helps organizations prioritize security efforts based on their risk profile, ensuring resources are used effectively to address critical areas.
2) Risk reduction
By following CIS18 controls, organizations can significantly reduce the risk of cyberattacks, data loss, and other security-related events. The controls help identify and mitigate vulnerabilities before attackers can exploit them.
3) Based on best practices
CIS18 is developed using extensive expertise and insights from cybersecurity specialists worldwide. This ensures that the controls are tried, tested, and reflect the latest and most effective security measures.
4) Continuous updates
As cyber threats evolve and technology advances, CIS18 is regularly updated to address new challenges. This ensures that organizations remain equipped to handle current and future threats.
5) Increased resilience
Implementing CIS18 enhances an organization’s overall resilience to cyber threats. The framework enables quick and effective responses to security incidents, minimizes damage, and facilitates faster recovery to normal operations.
6) Improved regulatory compliance
Many regulatory frameworks and standards reference or align with CIS18. Implementing its controls can help organizations more easily achieve compliance with legal requirements, such as the NIS2 directive, which is crucial for avoiding penalties and maintaining a positive reputation.
How can CIS18 be used in connection with NIS2?
CIS18 and the NIS2 directive complement each other, working together to strengthen an organization’s cybersecurity. NIS2 imposes stricter requirements for cybersecurity, preparedness, and reporting, while CIS18 provides a practical, detailed approach to implementing these requirements.
NIS2 emphasizes continuous risk assessment and incident handling, which CIS18 supports through specific controls for identifying, assessing, and mitigating risks, as well as establishing robust incident response plans. Additionally, NIS2 focuses on supply chain security, and CIS18 includes controls for managing third-party risks, ensuring that suppliers comply with necessary security standards.
By integrating CIS18 into their security strategy, organizations can more easily meet NIS2 requirements while building a stronger overall defense against cyber threats.
How to get started with CIS18
Implementing CIS18 begins with an assessment of the organization’s current security level, identifying gaps and weaknesses compared to CIS18 controls. Following this, it’s essential to prioritize the controls that offer the greatest value and protection based on the organization’s specific risk profile—not all controls are equally relevant for every organization, so a focused approach is critical.
Once priorities are set, the implementation of selected controls can begin. This step involves establishing policies, procedures, and technical measures to support each control. Proper documentation and integration of security measures into daily operations are crucial, as are training and awareness initiatives to ensure employees understand their roles in maintaining security.
Finally, organizations should establish processes for ongoing monitoring and review of controls. As the security landscape evolves, it’s necessary to ensure that controls remain effective and adapted to new threats and organizational changes. Regularly monitoring and auditing security measures helps quickly identify and address potential weaknesses, ensuring sustained protection against cyber threats.
The CIS18 Controls
CIS18 is divided into the following main categories:
- Inventory and control of enterprise assets
Identify and track all physical and virtual assets within the organization. - Inventory and control of software assets
Manage software on organizational devices to ensure only authorized software is installed and used. - Data protection
Implement measures to safeguard data both at rest and in transit. - Secure configuration of enterprise assets and software
Use secure configurations for all assets and software to reduce vulnerabilities. - Account management
Ensure proper administration of user accounts, including access rights and authorization. - Access control management
Restrict access to networks and data based on user roles and needs. - Continuous vulnerability management
Regularly scan for and address vulnerabilities in systems and applications. - Audit log management
Monitor and analyze security-related incidents using log files. - Email and web browser protections
Implement protective measures for email and web browsers. - Malware defenses
Protect systems against malware through appropriate security software and policies. - Data recovery
Establish backup and recovery procedures to ensure data integrity and availability. - Network infrastructure management
Strengthen network infrastructure through segmentation and security measures. - Network monitoring and defenses
Monitor networks for unauthorized activities and implement defense strategies. - Security awareness and skills training
Train employees in security awareness and skills. - Service provider management
Ensure third-party providers comply with security policies and standards. - Application software security
Incorporate security into the development and maintenance of applications. - Incident response management
Develop and test plans for managing security incidents. - Penetration testing
Conduct regular penetration testing to identify and address vulnerabilities.
Implementing CIS18 may seem complex, but with a systematic approach, organizations can significantly improve their cybersecurity posture. This, in turn, helps protect against threats and ensures compliance with relevant laws and regulations.
ALSO READ: Key factors for successful implementation of the CSRD
