CIS Controls v8
CIS Controls v8 offers prescriptive, prioritized, and simplified cybersecurity best practices that provide a clear path to improve an organization’s cyber defense program.
The presentation of each Control in this document includes the following elements:
- Overview. A brief description of the intent of the Control and its utility as a defensive action
- Why is this Control critical? A description of the importance of this Control in blocking, mitigating, or identifying attacks, and an explanation of how attackers actively exploit the absence of this Control
- Procedures and tools. A more technical description of the processes and technologies that enable implementation and automation of this Control
- Safeguard descriptions. A table of the specific actions that enterprises should take to implement the Control