Alpine Security Presents the Top 20 Critical Security Controls for Effective Cyber Defense to The Boeing Company

St. Louis, March 11, 2016 - Alpine Security Principal, Christian Espinosa, spoke this week at The Boeing Company on Tuesday, March 8, 2016, about the Center for Internet Security Top 20 Critical Security Controls (CIS CSC).  The CIS CSC are a recommended set of actions that provide specific and actionable ways to stop today's most pervasive and dangerous cyber attacks.  These Critical Security Controls are especially relevant because they are updated by cyber experts based on actual attack data pulled from a variety of public and private threat sources.

The presentation covered the following topics:

  • Are we Winning the Cyberwar?
  • Why use the Center for Internet Security Critical Security Controls (CIS CSC)?
  • CIS CSC Tenets
  • Top 20 Critical Security Controls
  • Top 5 Critical Security Controls (Foundational Cyber Hygiene) Deep Dive
  • Tips

The CIS Top 20 Critical Security Controls, as of v6.0 are:

  1. Inventory of Authorized and Unauthorized Devices
  2. Inventory of Authorized and Unauthorized Software
  3. Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers
  4. Continuous Vulnerability Assessment and Remediation
  5. Controlled Use of Administrative Privileges
  6. Maintenance, Monitoring, and Analysis of Audit Logs
  7. Email and Web Browser Protections
  8. Malware Defenses
  9. Limitation and Control of Network Ports, Protocols, and Services
  10. Data Recovery Capability
  11. Secure Configurations for Network Devices such as Firewalls, Routers, and Switches
  12. Boundary Defense
  13. Data Protection
  14. Controlled Access Based on the Need to Know
  15. Wireless Access Control
  16. Account Monitoring and Control
  17. Security Skills Assessment and Appropriate Training to Fill Gaps
  18. Application Software Security
  19.  Incident Response and Management
  20. Penetration Tests and Red Team Exercises

For a copy of the presentation click HERE.

About The Center for Internet Security


The Center for Internet Security (CIS) is a 501(c)(3) organization dedicated to enhancing the cybersecurity readiness and response among public and private sector entities. Utilizing its strong industry and government partnerships, CIS combats evolving cybersecurity challenges on a global scale and helps organizations adopt key best practices to achieve immediate and effective defenses against cyber attacks. CIS is home to the Multi-State Information Sharing and Analysis Center (MS-ISAC), CIS Security Benchmarks, and CIS Critical Security Controls.



Boeing is the world's largest aerospace company and leading manufacturer of commercial jetliners and defense, space and security systems. A top U.S. exporter, the company supports airlines and U.S. and allied government customers in 150 countries. Boeing products and tailored services include commercial and military aircraft, satellites, weapons, electronic and defense systems, launch systems, advanced information and communication systems, and performance-based logistics and training.


Alpine Security is a cyber security company that understands security is never a turnkey solution. Alpine Security takes a holistic approach, evaluating clients’ needs to develop a comprehensive solution with quantifiable results.  Alpine Security provides services covering every facet of computer and network security, ranging from full assessments to incident response to specialized cyber security training, such as malware analysis training.