Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: CIS Critical Security Controls - Version 6.0 SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
CIS Critical Security Controls - Version 6.0

Right in the middle of Cyber Security Awareness Month (CSAM), the Center for Internet Security (CIS) released Version 6.0 of the CIS Critical Security Controls for Effective Cyber Defense. This update incorporates significant changes that represent the latest technologies and threats faced by information security professionals. The most notable changes to the CIS Critical Security Controls are listed below and discussed at length in the archived webcast.
  • A new Control for Email and Web Browser Protections
  • Deletion of the Control on Secure Network Engineering
  • Reordering of the Controls to make Controlled Use of Administration Privileges higher in priority
I believe this update positions the CIS Critical Security Controls to remain both an actionable and relevant framework to build and sustain an effective cyber security program. Implementing them has been the catalyst to many organizations demonstrably increasing their cyber security posture. With intentional planning and focus, you can too. The following are several steps you can take right now to start or continue on your journey.
What will you do differently at your organization as a result of this update? Use the comments field to share your feedback!
Russell Eubanks
I will be teaching next: Leading Cybersecurity Change: Building a Security-Based Culture - Security Awareness Summit & Training 2021


100 Posts
ISC Handler
Oct 17th 2015

Sign Up for Free or Log In to start participating in the conversation!