Center for Internet Security’s Community Defense Model

The CIS Critical Security Controls (CIS Controls) are a set of more than 170 cybersecurity defensive measures, called safeguards, organized into a set of 20 Control activities. A community of security experts cooperate to keep this list of safeguards up-to-date based on vendor summaries of recent attack activity described in reports like the Verizon Data Breach Investigations Report (DBIR) and their experiences defending actual networks. Enterprises can select safeguards from the CIS Controls to create a robust cyber defense mission for their organization.