CIS Logo
tagline: Confidence in the Connected World

CIS Controls Microsoft Windows 10 Cyber Hygiene Guide

Resource Helps Organizations Implement CIS Sub-Controls in Windows 10

 

EAST GREENBUSH, N.Y., July 11, 2019 –The Center for Internet Security, Inc. (CIS®) launches the CIS Controls Microsoft Windows 10 Cyber Hygiene Guide today. This new free resource provides practical step-by-step advice for securing computers running Microsoft Windows 10 when implementing the CIS Sub-Controls without the need for advanced technical knowledge. The Guide also addresses stopping theft of company information, website defacement, phishing attacks, ransomware, and data loss.

The combined versions of Microsoft Windows operating systems equal more than 50 percent of global operating system usage. Windows 10 has the lion’s share of the market, which bodes well for security since Microsoft’s support for Windows 7 will end in January 2020.

“Since the details for implementing the CIS Controls can vary depending on technology, the CIS Controls team, along with our global community of volunteers, wanted to create a Guide specifically for Windows 10 users,” said CIS EVP & Chief Evangelist Tony Sager.

Cyber Hygiene

CIS defines cyber hygiene as a set of baseline cybersecurity protections that help to secure an organization. CIS Controls® Version 7.1 introduces Implementation Groups (IGs), which provide a new way to look at the CIS Controls. IGs outline reasonable actions an organization can take to enhance their cyber defense based on CIS Sub-Controls. The protections outlined in 43 of the CIS Sub-Controls make up Implementation Group 1 (IG1), and comprises cyber hygiene. Download CIS Controls V7.1 at https://learn.cisecurity.org/20-controls-download.

Simplifying Cybersecurity Configuration Challenges

Putting a new CIS Control or Sub-Control into place within an enterprise network can be a daunting task, regardless of the size of the organization. CIS Controls Windows 10 Cyber Hygiene Guide helps simplify the process by providing comprehensive guidance for implementation and automation, along with additional tools. To the extent possible, CIS strives to recommend open source or free tools, and guidance from non-profits and government entities.

Basic Cyber Hygiene with Implementation Group 1 of the CIS Controls

Individuals and organizations alike should be able to protect themselves against cyber threats, regardless of their size or level of IT expertise. CIS created Implementation Group 1 and the CIS Controls Microsoft Windows 10 Cyber Hygiene Guide to lower the barriers of practicing cyber hygiene. Download the guide below for practical guidance on cyber hygiene for Windows 10 users.

https://www.cisecurity.org/white-papers/cis-controls-microsoft-windows-10-cyber-hygiene-guide/

Additional CIS Controls guides are available at https://www.cisecurity.org/controls/cis-controls-companion-guides/. The CIS Controls team encourages organizations to start or continue to implement the suggestions in these free best practices Guides to improve their cyber defense strategies.

  • The CIS Controls Microsoft Windows 10 Cyber Hygiene Guide is an independent publication of CIS and is neither affiliated with, nor authorized, sponsored, or approved by, Microsoft Corporation.

About CIS

CIS (Center for Internet Security, Inc.) is a forward-thinking, non-profit entity that harnesses the power of a global IT community to safeguard private and public organizations against cyber threats. The CIS Controls and CIS Benchmarks are the global standard and recognized best practices for securing IT systems and data against the most pervasive attacks. These proven guidelines are continuously refined and verified by a volunteer, global community of experienced IT professionals. Our CIS Hardened Images™ are virtual machine emulations preconfigured to provide secure, on-demand, and scalable computing environments in the cloud. CIS is home to both the Multi-State Information Sharing and Analysis Center® (MS-ISAC®), the go-to resource for cyber threat prevention, protection, response, and recovery for U.S. State, Local, Tribal, and Territorial government entities, and the Elections Infrastructure Information Sharing and Analysis Center® (EI-ISAC®), which supports the cybersecurity needs of U.S. State, Local, and Territorial elections offices. To learn more, visit www.CISecurity.org  or follow us on Twitter: @CISecurity.