SecurWires Technologies and Services is an elite Member of CIS SecureSuite, which is used by more than 1300+ businesses and
government entities worldwide to defend against Cyber Attacks. CIS harnesses the power of a global IT community to safeguard
public and private organizations against cyber threats. As CIS SecureSuite Member, SecurWires is able to deliver a combination
of the CIS Benchmarks, CIS Controls, and CIS-CAT Pro as a part of its Cyber Security Services and resource. SecurWires provides
various consulting services and help organization across world secure there infrastructure from cyber-attacks in ever
increasing cyber space.
Secure Your Organization
IT security leaders use CIS Controls to quickly establish the protections providing the highest payoff in their organizations.
CIS Controls guide you through a series of 20 foundational and advanced cyber security actions, where the most common attacks
can be eliminated. SecurWires can assist organization in assessing and implementing the Critical Security Controls.
> CIS Controls are concise, prioritized set of Cyber Practices created to stop today’s most pervasive and dangerous Cyber Attacks
> The CIS Controls provides a Security Framework that can strengthen Cyber Defenses and ultimately protect Information, Infrastructure and Critical Assets
> Organizations that apply just the first five CIS Controls
can reduce their Risk of Cyber Attack by around 85 %
> Implementing all 20 CIS Controls increases the Risk Reduction to around 94 %
What are the CIS Controls?
The Center for Internet Security’s Critical Security Controls (CIS Controls) are recommended set of actions for Effective
Cyber Defense that provide specific and actionable ways to thwart the most pervasive attacks. The CIS Controls are a
relatively short list of high-priority, highly effective defensive actions
that provide a "must-do, do-first"
point for every enterprise seeking to improve their Cyber Defense
There is no magic to the number 20. The deep analysis of all the data about attacks and intrusions tells us that just 20
will give you an optimized trade-off between defense against attacks and cost-effective, manageable systems
What are the benefit of the CIS Controls?
is a key benefit to the CIS Controls. They were designed to help organizations rapidly define the starting
point for their defenses
, direct their scarce resources on actions with immediate and high-value payoff, and then focus
their attention and resources on additional risk issues that are unique to their business or mission.
Who has endorsed the CIS Controls?
• The CIS Controls are referenced by the U.S. Government in the National Institute of Standards and Technology (NIST)
Cyber Security Framework (CSF) as a recommended implementation approach for the Framework.
• The European Telecommunications Standards Institute (ETSI) has adopted and published the CIS Controls and several of
the Controls companion guides.
• The CIS Controls are recommended by organizations as diverse as the National Governors Association (NGA) and the U.K.’s
Centre for the Protection of National Infrastructure (CPNI).
• The National Highway Traffic Safety Administration (NHTSA) recommended the CIS Controls in its draft security guidance
to automotive manufacturers.
CIS Controls and other frameworks
The CIS Controls are not a replacement for any existing regulatory, compliance, or authorization scheme.
The CIS Controls map to most major compliance frameworks such as the NIST Cyber Security Framework, NIST 800-53, PCI DSS,
ISO 27000 Series and regulations such as HIPAA, NERC CIP, and FISMA
. Mappings from the CIS Controls have been defined
for these other frameworks to give a starting point for action.
Who is using the CIS Controls?
The CIS Controls have been adopted by thousands of global enterprises, large and small, and are supported by numerous security
solution vendors, integrators, and consultants, such as Rapid7, Softbank and Tenable. Some users of the CIS Controls include:
the Federal Reserve Bank of Richmond; Corden Pharma; Boeing; Citizens Property Insurance; Butler Health System; University of
Massachusetts; the states of Idaho, Colorado, and Arizona; the cities of Oklahoma, Portland, and San Diego; and many others.
Case studies --> Click Here
Secure Your Systems & Platforms
Proven guidelines will enable you to safeguard operating systems, software and networks that are most vulnerable to cyber-attacks.
They are continuously verified by an IT community to combat evolving cyber security challenges. SecurWires can assist organization
in implementing the baselines and measuring the implementation using CIS CAT Pro.
Relationship between the CIS Controls and the CIS Benchmarks
The CIS Controls are a general set of recommended practices for securing a wide range of systems and devices, whereas CIS Benchmarks
are guidelines for hardening specific operating systems, middleware, software applications, and network devices. The need for secure
configurations is referenced throughout the CIS Controls. In fact, CIS Control 3 specifically recommends secure configurations for
hardware and software on mobile devices, laptops, workstations, and servers. Some CIS controls are also integrated into the CIS-CAT
configuration assessment tool to show alignment between CIS Controls and Benchmarks settings.
CIS CAT Pro
CIS-CAT Pro is a configuration and vulnerability assessment tool consisting of two components: CIS-CAT Pro Assessor and CIS-CAT Pro Dashboard.
CIS-CAT Pro Assessor provides:
> Ability to assess the configuration of target systems, returning a score between 1-100 for CIS Benchmark conformity against 80+ benchmarks
> CIS Benchmarks annotated with CIS Controls mappings
> Ability to port assessment results to the CIS-CAT Pro Dashboard
CIS-CAT Pro Dashboard provides:
> Real-time views into: ecosystem performance; multiple benchmark view for comparisons; multiple device view; tagged systems for comparison across departments or functional areas
> CIS Controls view for any annotated CIS Benchmark content
> Ability to drill down through the dashboards to view individual assessment results
> Ability to create exceptions and automatically recalculate assessment scoring through the dynamic nature of the dashboards
> Individual reporting that includes evidence-based reports and the ability to export assessment reports in various formats (HTML, XML, CSV, TXT etc.)
> Target System tagging (admin, PCI, dev box) in order to view compliance to CIS Benchmarks for a group of systems
> Remediation Reports
> Complete Report showing all recommendations in the benchmark and overall pass/fail results
CIS-CAT Pro Assessor is SCAP Validated as an Authenticated Configuration Scanner.