Just released on May 18, is the eighth iteration of the Center of Internet Security Critical Controls. Previously, these 20 controls, based on best practices, aimed to assist an organization to prioritize their defenses. The controls have been reorganized and redefined over the years. Version 8 realizes that many of the controls were overlapping, so they combined them. Other controls were more specifically detailed.
The updated controls include modern technologies. Each control is defined into three implementation groups (IG) in order to assist organizations with prioritization. Each IG identifies a set of safeguards that need to be implemented.
IG1 is identified as basic cyber hygiene and serves as a starting point and foundational set of defenses for all organizations. IG2 builds upon IG1, and then IG3 will encompass all the safeguards.
Our Cybersecurity Team’s cybersecurity assessments are based on these controls, NIST guidelines and security best practices. Our members can request more information on the assessment by emailing security@more.net.
CIS Controls v8 Download
CIS Controls v8 – View
About implementation groups