CIS Controls Published as a Technical Report of the European Telecommunications Standards Institute

August 18, 2016

East Greenbush, NY

The European Telecommunications Standards Institute (ETSI), which produces globally applicable standards for Information and Communications Technologies (ICT), including fixed, mobile, radio, converged, broadcast, and Internet technologies, approved and published the Center for Internet Security’s (CIS) Critical Security Controls™ and companion materials as a suite of Technical Reports on 1 August 2016.

ETSI is a not-for-profit organization that is officially recognized by the European Union as a European Standards Organization. ETSI operates as a global standards body and encompasses more than 800 member organizations worldwide, from 66 countries and five continents.

“The inclusion of the CIS Controls as an official ETSI specification represents a major step forward which will increase awareness and recognition of the CIS Controls,” said Tony Sager, CIS Senior Vice President and Chief Evangelist. He added that Anthony Rutkowski, the Executive Vice President of Standards and Regulatory Affairs at Yaana Technologies®, led the effort to get the CIS Controls published as ETSI Technical Reports.

The CIS Controls were modified and reformatted to meet the official ETSI guidelines when they were released in their four-part Technical Report. So the ETSI report includes all of the present CIS Controls documents including the Measurement Guide, and Privacy, Mobile, and Internet of Things companion documents, but in a slightly different format.

Use the links below to access ETSI CIS Controls content

• Doc. Nb. TR 103 305-1 Ver. 2.1.1, CYBER; Critical Security Controls for Effective Cyber Defense; Part 1: The Critical Security Controls, (2016-08-01)
• Doc. Nb. TR 103 305-2 Ver. 1.1.1, CYBER; Critical Security Controls for Effective Cyber Defense; Part 2: Measurement and auditing, (2016-08-01)
• Doc. Nb. TR 103 305-3 Ver. 1.1.1, CYBER; Critical Security Controls for Effective Cyber Defense; Part 3: Service Sector Implementations, (2016-08-01
• Doc. Nb. TR 103 305-4 Ver. 1.1.1 CYBER; Critical Security Controls for Effective Cyber Defense; Part 4: Facilitation Mechanisms, (2016-08-01)

CIS’ Critical Security Controls Version 6.0 (CIS Controls,) are used around the world to provide a solid cybersecurity foundation the form of specific and actionable recommendations to improve your cyber defense. More than 6,000 copies of Version 6.0 of the CIS Controls are currently being downloaded every month by global IT users. To date, there have been more than 43,729 downloads of Version 6.0 of the CIS Controls, in addition to tens of thousands of prior version downloads.

About the Center for Internet Security

The Center for Internet Security (CIS) is a 501(c)(3) organization dedicated to enhancing the cybersecurity readiness and response among public and private sector entities. Utilizing its strong industry and government partnerships, CIS combats evolving cybersecurity challenges on a global scale and helps organizations adopt key best practices to achieve immediate and effective defenses against cyber attacks. CIS is home to the Multi-State Information Sharing & Analysis Center (MS-ISAC), CIS Security Benchmarks, and CIS Critical Security Controls. To learn more, visit CISecurity.org and follow us on Twitter: @CISecurity.