CIS Critical Security Controls v8

CIS Critical Security Controls v8 offers prescriptive, prioritized, and simplified cybersecurity best practices that provide a clear path to improve an organization’s cyber defense program.

The presentation of each Control in this document includes the following elements:

  • Overview. A brief description of the intent of the Control and its utility as a defensive action
  • Why is this Control critical? A description of the importance of this Control in blocking, mitigating, or identifying attacks, and an explanation of how attackers actively exploit the absence of this Control
  • Procedures and tools. A more technical description of the processes and technologies that enable implementation and automation of this Control
  • Safeguard descriptions. A table of the specific actions that enterprises should take to implement the Control