SAFETY DIAGNOSIS
CIS 20
Evaluation of the “20 Critical Security Controls”.
According to the CIS (Center for Internet Security), implementing the security controls can reduce the risk of cyberattacks by up to 94%.

"Organizations that only adopt the first 5 Controls can reduce Risk by up to 85%" – Center for Internet Security
1. Inventory of Authorized and Unauthorized Devices
2. Licensed and Unlicensed Software Inventory
3. Secure settings for hardware and software
4. Ongoing vulnerability assessment and remediation
5. Controlled use of administrative privileges
6. Maintenance, monitoring and analysis of audit logs
7. Email and Web Browser Protections
8. Malware Defenses
9. Limitation and control of network ports
10. Data recoverability
11. Secure settings for network devices
12. Perimeter Defense
13. Data protection
14. Controlled access based on "Need to know"
15. Wireless access control
16. Account monitoring and control
17. Security skills assessment and appropriate training
18. Application Software Security
19. Incident response and management
20. Penetration Testing and "Red Team" Exercises