CIS Critical Security Controls v7.1 Cybersecurity Maturity Model Certification Mapping

The CIS Critical Security Controls (CIS Controls) v7.1 are mapped to the Cybersecurity Maturity Model Certification (CMMC) levels to help organizations required to meet CMMC requirements. Additionally, each CIS Sub-Control is mapped to our Implementation Group (IG) methodology to help organizations implement cybersecurity best practices based on their resources and cybersecurity expertise. We have found that the majority of cyber breaches occur when basic security controls have not been implemented and managed. Implementation Group 1 of the CIS Controls are effective against the top 5 attacks as described by Verizon’s Data Breach Investigations Report.