Technological Innovation

Are there 18 or 20 CIS Controls?

In the field of cybersecurity, the Center for Internet Security (CIS) Controls play a crucial role in safeguarding organizations against cyber threats. However, confusion often arises regarding the number of controls that should be implemented. While some sources refer to 18 controls, others mention 20 controls. So, what is the correct number of CIS Controls? Let's dive into this topic and find out.

The Origins of the CIS Controls

To understand the discrepancy surrounding the number, let's first explore the origins of the CIS Controls. Developed by a global community of experts, the CIS Controls provide a practical framework for organizations to mitigate cyber risks effectively. Their goal is to establish a baseline of security measures that can prevent the most common attacks.

The 18 CIS Controls

The 18 CIS Controls were initially introduced in 2008. They were created based on empirical data gathered from analyzing real-world attacks. These controls cover a wide range of security areas, including inventory and control of hardware assets, continuous vulnerability management, and controlled use of administrative privileges. The aim is to establish a solid foundation for cybersecurity practices.

The Addition of 2 Companion Guides

In 2015, the CIS Center for Internet Security released two companion guides: the Implementation Group Guide and the Quick Start Guide. These guides provided additional guidance on implementing the 18 CIS Controls. Though they are not considered as separate controls, some sources might include them in the count, leading to references of 20 CIS Controls instead of 18.

Conclusion

The number of CIS Controls is a point of confusion within the cybersecurity community. The fundamental set consists of 18 controls, which form the basis of effective cybersecurity. However, the inclusion of companion guides might lead to references of 20 controls. Ultimately, organizations should focus on understanding and implementing the controls that are most relevant to their specific security needs.

CONTACT US

Contact: Eason Wang

Phone: +86-13751010017

E-mail: info@iec-equipment.com

Add: 1F Junfeng Building, Gongle, Xixiang, Baoan District, Shenzhen, Guangdong, China

Scan the qr codeclose
the qr code
TAGS Test Probe BTest Probe 18Test Probe 14Test Probe 17Test Probe 32Test Probe 1Test Probe 2Test Probe 12Test Probe 31Test Probe ATest Probe 41Test Probe 19Test Probe DTest Probe CTest Probe 13Test Probe 11Test Probe 43Test PinTest FingerTest Probe