Posted On: November 06, 2019
For a long time, security initiatives have been driven by compliance mandates and a healthy dose of fear. But as threats continue to become more sophisticated, so must our efforts in thwarting them. This is why aligning with best practices is a great place to start, specifically the Center for Internet Security (CIS) Top 20 Critical Security Controls, which were developed by a global group of security experts who continue to fine-tune them every year.
The 20 critical controls are divided into three categories: Basic, Foundational, and Organizational.
The CIS further outlines in the CIS Controls v7.1 that cybersecurity can be approached effectively with these steps:
At OneNeck, we believe that no matter where you are in your security strategy execution, the CIS controls provide prioritized, actionable steps to define and implement a security strategy. While there’s no one-size-fits-all approach to security, today’s organizations can lower the risk of a breach by changing their approach from strictly meeting compliance mandates to a risk management approach that uses practical and proven best practices.
OneNeck CISO, Katie McCullough, puts it like this… “Customers don’t have unlimited spend to go after security. So, at OneNeck, we work with our customers from a risk management perspective. What are their biggest risks? How do we leverage the investments they’ve already made? And how do we maximize their budget? Because the answer isn’t always buying a new security product. It might be microsegmentation of your applications. So, we’re not here to sell them a security product. We are here to help them define and implement risk management for their particular needs.”
In addition to guiding our customers with CSC best practices, internally at OneNeck, we establish practices in alignment with the critical security controls. We follow the advice and recommendations we give our customers, and as an experienced Managed Services Provider (MSP), we’ve seen firsthand how alignment with proven best practices is key in preventing attacks.
If you’re still not sure where to start when assessing your risk, we’d be happy to discuss your options. With the help of our security team, you don’t have to go it alone. Using the CIS 20 Controls as a benchmark, we can help identify the security risks unique to your business, develop a prioritized plan to mitigate risk and assist you in implementing a plan that keeps you safe from current and future attacks.