CIS CSC

Want to meet the CIS CSC guidelines?

As your expert security partner, FRSecure can provide you with the necessary assessment and consulting services to meet the Center for Internet Security (CIS) Critical Security Controls (CSC) requirements. FRSecure offers two gap analysis options to help determine how close your organization and current information security program are to meeting these requirements.

The Center for Internet Security (CIS) Critical Security Controls (CSC) is a set of best practice guidelines focused on cyber defense. It was created to answer the question “What do we need to do to stop known attacks?”

There are 20 controls grouped into 3 categories: Basic, Foundational, and Organizational.
• Basic – Bare minimum to protect your environment
• Foundational – A step up, provide additional security benefits
• Organizational – Controls that cover the people and processes involved in cybersecurity

CSC is a recognized industry security standard. The controls are actionable recommendations that are designed to be able to be automated, reducing the risk of human error. Implementing the controls should help reduce your external exposure and risk.

We consistently get great feedback on our reporting style. FRSecure has spent years developing reports that communicate assessment results in clear, easy to digest ways, that are appropriate for both technical and non-technical audiences.  Typical deliverables out of an information security assessment include:

  • Executive Summary Report
  • Full Report
  • Action Plan and/or Road Map

In addition, we will assist in helping protect remote workers and can help satisfy legal requirements of data protection laws (GDPR, CCPA, etc.). There is no formal certification for completing the CIS CSC controls; however, you can self assess.

At FRSecure, every project is custom designed for our clients.  We take into account your organization’s size, complexity, industry, compliance requirements, and most importantly, your actual needs.  Because of our tailored approach, all you need to do is spend a few minutes on the phone with our team to make sure we are delivering exactly what you need and want.

The CIS CSC controls are freely available: https://www.cisecurity.org/controls/cis-controls-list/