
CIS Control 8

Malware Defenses

Key Principle:

Control the installation, spread, and execution of malicious code at multiple points in the enterprise, while optimizing the use of automation to enable rapid updating of defense, data gathering, and corrective action.

Why is this CIS Control critical?

Malicious software is an integral and dangerous aspect of Internet threats, and can be designed to attack your systems, devices, or your data. It can be fast-moving, fast-changing, and enter through any number of points like end-user devices, email attachments, web pages, cloud services, user actions, and removable media. Modern malware can be designed to avoid defenses, or to attack or disable them.

Malware defenses must be able to operate in this dynamic environment through large-scale automation, rapid updating, and integration with processes like Incident Response. They must also be deployed at multiple possible points of attack to detect malicious software, stop its movement, or control its execution. Enterprise endpoint security suites provide administrative features to verify that all defenses are active and current on every managed system.

Main Points:
  • Employ automated tools to continuously monitor workstations, servers, and mobile devices with anti-virus, anti-spyware, personal firewalls, and host-based IPS functionality. All malware detection events should be sent to enterprise anti-malware administration tools and event log servers.
  • Employ anti-malware software that offers a centralized infrastructure that compiles information on file reputations, or have administrators manually push updates to all machines. After applying an update, automated systems should verify that each system has received its signature update.
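
The verification step in the second point can be automated by comparing what endpoints report against the asset inventory and the version that was pushed. The following is an added example, not part of the CIS text or any CIS tool; the CSV column names, hostnames, version numbers, and the 24-hour freshness window are assumptions made for illustration.

```python
import csv
import io
from datetime import datetime, timedelta, timezone

# Constructed sample: export from a hypothetical central anti-malware console.
SAMPLE_REPORT = """hostname,signature_version,last_update_utc,realtime_protection
ws-001,1.405.22,2024-05-02T08:15:00+00:00,on
ws-002,1.404.90,2024-04-28T07:50:00+00:00,on
srv-db1,1.405.22,2024-05-02T08:20:00+00:00,off
"""
# Constructed asset inventory: every managed system that is expected to report.
SAMPLE_INVENTORY = {"ws-001", "ws-002", "srv-db1", "lt-017"}


def version_key(version):
    """Turn '1.405.22' into (1, 405, 22) so versions compare numerically."""
    return tuple(int(part) for part in version.split("."))


def verify_signature_rollout(report_csv, inventory, pushed_version, now,
                             max_age=timedelta(hours=24)):
    """Return {hostname: [findings]} for every system that fails verification."""
    findings, seen = {}, set()
    for row in csv.DictReader(io.StringIO(report_csv)):
        host = row["hostname"]
        seen.add(host)
        problems = []
        if version_key(row["signature_version"]) < version_key(pushed_version):
            problems.append("signature older than pushed version")
        if now - datetime.fromisoformat(row["last_update_utc"]) > max_age:
            problems.append("no update within freshness window")
        if row["realtime_protection"].strip().lower() != "on":
            problems.append("real-time protection not active")
        if problems:
            findings[host] = problems
    # A silent endpoint is a finding too: it may be offline or have a disabled agent.
    for host in sorted(inventory - seen):
        findings[host] = ["no report from endpoint"]
    # A reporting host missing from the inventory points at an inventory gap.
    for host in sorted(seen - inventory):
        findings.setdefault(host, []).append("reporting host not in inventory")
    return findings


if __name__ == "__main__":
    now = datetime(2024, 5, 2, 12, 0, tzinfo=timezone.utc)
    result = verify_signature_rollout(SAMPLE_REPORT, SAMPLE_INVENTORY, "1.405.22", now)
    for host, problems in result.items():
        print(f"{host}: {'; '.join(problems)}")
```

Hosts that never report are the easy ones to miss, which is why the check starts from the inventory rather than from the console's own list of agents.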


Secure Your Organization Against the Most Common Attack Vectors


Developed, validated and prioritized by a volunteer community of cybersecurity experts.
