HomeAbout usMediaCIS Press ReleasesCIS, CyberAcuView New Tool Bridges Cybersecurity and Insurance for SMBs

CIS, CyberAcuView New Tool Bridges Cybersecurity and Insurance for SMBs

Control Assist™ connects CIS Critical Security Controls to insurance underwriting, helping small businesses strengthen security and simplify coverage

EAST GREENBUSH, N.Y. Nov. 19, 2025 – The Center for Internet Security, Inc. (CIS®) and CyberAcuView today announced the launch of Control Assist, a new tool designed to bridge the gap between cybersecurity and cyber insurance for small and medium-sized businesses (SMBs).

This collaborative initiative simplifies the insurance application process while guiding SMBs toward stronger, more effective cyber defenses.

Control Assist aligns the CIS Critical Security Controls® (CIS Controls®) Implementation Group 1 (IG1), a globally recognized framework for essential cyber hygiene, with common cyber insurance underwriting questions. This shared structure helps SMBs demonstrate their cybersecurity readiness in clear, standardized terms, reducing confusion, accelerating coverage decisions, and encouraging high-impact security practices.

As part of the initiative, the Control Assist question set was shared with eight cybersecurity and technology companies (Amazon Web Services (AWS), CrowdStrike, SentinelOne, FirstWatch Technologies, Safe Security, Spektrum Labs, Palo Alto Networks, and one other industry partner) to map the control questions to their products. This mapping identifies which questions can be automatically validated based on the technology in use, helping SMBs streamline their insurance applications.

“Control Assist is a practical solution to a persistent challenge,” said Phyllis Lee, Vice President of Controls Content Development at CIS. “SMBs often struggle to translate their security efforts into language insurers understand. By connecting the CIS Controls to underwriting questions, we’re giving them a roadmap that’s both actionable and credible, helping them become more secure and more insurable at the same time.”

How Control Assist Helps:

  • Simplifies the cyber insurance application process by mapping technical security controls to familiar insurance questions.
  • Reduces risk of misinterpretation or missing information that can lead to delayed or denied claims.
  • Guides SMBs toward the most critical investments for defending against common cyber attacks.
  • Gives insurers standardized, verifiable evidence of an organization’s cybersecurity maturity.
  • Enables security vendors to demonstrate how their products support insurance readiness.

 

Control Assist also fosters greater trust, transparency, and resilience across the cyber insurance ecosystem by enabling insurers, vendors, and SMBs to work from a common language. As cyber threats continue to rise, SMBs remain disproportionately targeted and underinsured. This initiative offers a clear, actionable path to improving cyber maturity and securing coverage.

 

“Our mission at CyberAcuView is to strengthen trust and efficiency across the cyber insurance ecosystem,” said Mark Camillo, Chief Executive Officer of CyberAcuView. “Control Assist bridges a critical gap between insurers and insureds by translating essential cybersecurity controls into the language of underwriting. For SMBs, this means less confusion and faster access to coverage. For insurers, it means more confidence in the risk data they rely on.”

CyberAcuView is supported by leading cyber insurance underwriters including AIG, AXIS, Beazley, Chubb, The Hartford, Liberty Mutual Insurance, and Travelers. All CyberAcuView activities are conducted under strict antitrust review and guidance.

To arrange an interview with CIS or CyberAcuView on Control Assist, contact [email protected].

###

About CIS:

The Center for Internet Security, Inc. (CIS®) makes the connected world a safer place for people, businesses, and governments through our core competencies of collaboration and innovation. We are a community-driven nonprofit, responsible for the CIS Critical Security Controls® and CIS Benchmarks, globally recognized best practices for securing IT systems and data. We lead a global community of IT professionals to continuously evolve these standards and provide products and services to proactively safeguard against emerging threats. Our CIS Hardened Images® provide secure, on-demand, scalable computing environments in the cloud. CIS is home to the Multi-State Information Sharing and Analysis Center® (MS-ISAC®), the trusted resource for cyber threat prevention, protection, response, and recovery for U.S. State, Local, Tribal, and Territorial government entities, and the Elections Infrastructure Information Sharing and Analysis Center® (EI-ISAC®), which supports the rapidly changing cybersecurity needs of U.S. election offices. To learn more, visit cisecurity.org or follow us on X: @CISecurity.