St. Louis, March 11, 2016 – Alpine Security Principal, Christian Espinosa, spoke this week at The Boeing Company on Tuesday, March 8, 2016, about the Center for Internet Security Top 20 Critical Security Controls (CIS CSC). The CIS CSC are a recommended set of actions that provide specific and actionable ways to stop today’s most pervasive and dangerous cyber attacks. These Critical Security Controls are especially relevant because they are updated by cyber experts based on actual attack data pulled from a variety of public and private threat sources.
The presentation covered the following topics:
- Are we Winning the Cyberwar?
- Why use the Center for Internet Security Critical Security Controls (CIS CSC)?
- CIS CSC Tenets
- Top 20 Critical Security Controls
- Top 5 Critical Security Controls (Foundational Cyber Hygiene) Deep Dive
- Tips
The CIS Top 20 Critical Security Controls, as of v6.0 are:
- Inventory of Authorized and Unauthorized Devices
- Inventory of Authorized and Unauthorized Software
- Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers
- Continuous Vulnerability Assessment and Remediation
- Controlled Use of Administrative Privileges
- Maintenance, Monitoring, and Analysis of Audit Logs
- Email and Web Browser Protections
- Malware Defenses
- Limitation and Control of Network Ports, Protocols, and Services
- Data Recovery Capability
- Secure Configurations for Network Devices such as Firewalls, Routers, and Switches
- Boundary Defense
- Data Protection
- Controlled Access Based on the Need to Know
- Wireless Access Control
- Account Monitoring and Control
- Security Skills Assessment and Appropriate Training to Fill Gaps
- Application Software Security
- Incident Response and Management
- Penetration Tests and Red Team Exercises
For a copy of the presentation click HERE.
About The Center for Internet Security
The Center for Internet Security (CIS) is a 501(c)(3) organization dedicated to enhancing the cybersecurity readiness and response among public and private sector entities. Utilizing its strong industry and government partnerships, CIS combats evolving cybersecurity challenges on a global scale and helps organizations adopt key best practices to achieve immediate and effective defenses against cyber attacks. CIS is home to the Multi-State Information Sharing and Analysis Center (MS-ISAC), CIS Security Benchmarks, and CIS Critical Security Controls.
ABOUT BOEING
Boeing is the world’s largest aerospace company and leading manufacturer of commercial jetliners and defense, space and security systems. A top U.S. exporter, the company supports airlines and U.S. and allied government customers in 150 countries. Boeing products and tailored services include commercial and military aircraft, satellites, weapons, electronic and defense systems, launch systems, advanced information and communication systems, and performance-based logistics and training.
ABOUT ALPINE SECURITY
Alpine Security is a cyber security company that understands security is never a turnkey solution. Alpine Security takes a holistic approach, evaluating clients’ needs to develop a comprehensive solution with quantifiable results. Alpine Security provides services covering every facet of computer and network security, ranging from full assessments to incident response to specialized cyber security training, such as malware analysis training.