In the field of cybersecurity, the Center for Internet Security (CIS) Controls play a crucial role in safeguarding organizations against cyber threats. However, confusion often arises regarding the number of controls that should be implemented. While some sources refer to 18 controls, others mention 20 controls. So, what is the correct number of CIS Controls? Let's dive into this topic and find out.
The Origins of the CIS Controls
To understand the discrepancy surrounding the number, let's first explore the origins of the CIS Controls. Developed by a global community of experts, the CIS Controls provide a practical framework for organizations to mitigate cyber risks effectively. Their goal is to establish a baseline of security measures that can prevent the most common attacks.
The 18 CIS Controls
The 18 CIS Controls were initially introduced in 2008. They were created based on empirical data gathered from analyzing real-world attacks. These controls cover a wide range of security areas, including inventory and control of hardware assets, continuous vulnerability management, and controlled use of administrative privileges. The aim is to establish a solid foundation for cybersecurity practices.
The Addition of 2 Companion Guides
In 2015, the CIS Center for Internet Security released two companion guides: the Implementation Group Guide and the Quick Start Guide. These guides provided additional guidance on implementing the 18 CIS Controls. Though they are not considered as separate controls, some sources might include them in the count, leading to references of 20 CIS Controls instead of 18.
Conclusion
The number of CIS Controls is a point of confusion within the cybersecurity community. The fundamental set consists of 18 controls, which form the basis of effective cybersecurity. However, the inclusion of companion guides might lead to references of 20 controls. Ultimately, organizations should focus on understanding and implementing the controls that are most relevant to their specific security needs.
Contact: Cindy
Phone: +86-13751010017
E-mail: sales@iecgauges.com
Add: 1F Junfeng Building, Gongle, Xixiang, Baoan District, Shenzhen, Guangdong, China