91 lines
4.6 KiB
CSV
91 lines
4.6 KiB
CSV
CIS v8.1 Safeguards (Sub-Controls)
|
|
3.1 - Establish and Maintain Inventory of Enterprise Assets
|
|
3.3 - Manage Assets
|
|
5.1 - Establish and Maintain a Secure Configuration Process
|
|
5.3 - Securely Configure Enterprise Assets and Software
|
|
8.1 - Establish and Maintain a Vulnerability Management Process
|
|
9.2 - Deploy and Maintain Anti-Malware Software
|
|
10.8 - Perform and Test Data Backups
|
|
15.1 - Develop an Incident Response Plan
|
|
3.4 - Manage Sensitive Assets
|
|
4.1 - Establish and Maintain a Secure Access Control Policy and Procedures
|
|
4.2 - Implement and Manage Multi-Factor Authentication for Enterprise Accounts
|
|
6.3 - Implement and Manage Network Segmentation
|
|
7.1 - Establish and Maintain a Data Management Process
|
|
7.2 - Implement and Enforce Data Retention
|
|
7.3 - Implement Data Loss Prevention (DLP)
|
|
12.5 - Enforce Encryption of Data-at-Rest
|
|
12.6 - Enforce Encryption of Data-in-Transit
|
|
4.3 - Manage Privileged Access
|
|
4.4 - Manage Service Accounts
|
|
4.6 - Manage External Accounts
|
|
14.5 - Establish and Maintain an Audit Log Review and Analysis Process
|
|
16.1 - Conduct Security Awareness and Skills Training
|
|
3.6 - Establish and Maintain an Inventory of Non-Enterprise Assets
|
|
13.1 - Establish and Maintain a Security Awareness Program
|
|
18.1 - Establish and Maintain a Penetration Testing Program
|
|
19.1 - Establish and Maintain an Incident Response Plan
|
|
20.1 - Establish and Maintain a Business Continuity Plan
|
|
16.2 - Train Workforce Members on Social Engineering Attacks
|
|
19.8 - Perform Post-Incident Reviews
|
|
1.1 - Establish and Maintain Enterprise Governance
|
|
1.2 - Establish and Maintain Enterprise Security Policies
|
|
1.3 - Establish and Maintain Enterprise Agreements
|
|
2.1 - Establish and Maintain an Inventory of Authorized Software
|
|
10.9 - Perform Off-Site Backups
|
|
10.10 - Securely Store Backups
|
|
11.1 - Implement and Manage Email Protections
|
|
17.1 - Implement Physical Access Controls
|
|
17.2 - Monitor Physical Environment
|
|
6.1 - Establish and Maintain a Baseline Configuration of Network Devices
|
|
6.4 - Implement and Manage Network Infrastructure Device Hardening
|
|
6.5 - Implement and Manage Distributed Denial of Service (DDoS) Mitigation Techniques
|
|
14.1 - Establish and Maintain a Security Logging and Monitoring Process
|
|
8.2 - Remediate Vulnerabilities Based on Risk
|
|
8.3 - Verify Application of Security Patches
|
|
3.2 - Utilize an Automated Asset Discovery Tool
|
|
13.5 - Manage Supplier Access
|
|
13.6 - Monitor Supplier Security
|
|
3.5 - Manage Enterprise Assets Connected to the Enterprise Network Remotely
|
|
4.5 - Manage Mobile Devices
|
|
5.4 - Securely Configure Cloud Infrastructure
|
|
5.5 - Securely Configure Cloud Workloads
|
|
6.2 - Establish and Maintain a Baseline Configuration of Endpoints
|
|
4.7 - Enforce Account Password Requirements
|
|
4.8 - Enforce Multi-Factor Authentication for All Users
|
|
16.4 - Establish and Maintain a Role-Based Security Training Program
|
|
16.5 - Conduct Skills Gap Assessments
|
|
17.3 - Plan and Implement Environmental Protections
|
|
5.6 - Securely Configure Industrial Control Systems (ICS)
|
|
6.6 - Implement and Manage Network Segmentation for ICS
|
|
1.5 - Conduct Periodic Security Risk Assessments
|
|
14.7 - Conduct Security Controls Testing and Validation
|
|
15.4 - Establish and Maintain a Security Architecture
|
|
1.4 - Establish and Maintain a Threat Intelligence Program
|
|
2.2 - Utilize Standard Security Configurations for Enterprise Software and Hardware
|
|
8.4 - Perform Application Security Testing
|
|
12.1 - Establish and Maintain a Software Development Life Cycle (SDLC)
|
|
9.1 - Establish and Maintain a Software Allow List
|
|
11.2 - Implement and Manage Web Browser Protections
|
|
6.7 - Implement and Manage Domain Name System (DNS) Security
|
|
12.7 - Plan and Implement Cryptographic Key Management
|
|
7.4 - Securely Dispose of Assets
|
|
12.2 - Secure Software via Secure Coding Practices
|
|
6.8 - Secure Wireless Access Points
|
|
4.9 - Manage Access to Enterprise Applications
|
|
11.3 - Implement and Manage Endpoint Protections
|
|
"12.6 - Enforce Encryption of Data-in-Transit
|
|
66,Insufficient Data Encryption"""
|
|
14.2 - Integrate Threat Intelligence into Security Monitoring
|
|
14.3 - Establish and Maintain Alerting and Escalation Processes
|
|
19.2 - Establish and Maintain an Incident Response Team
|
|
19.3 - Develop and Conduct Incident Response Exercises
|
|
5.2 - Implement and Manage a Change Management Process
|
|
5.7 - Securely Configure Containers
|
|
12.3 - Manage Credentials
|
|
16.3 - Establish and Maintain a Security Skills Development Program
|
|
9.3 - Implement and Manage Endpoint Detection and Response (EDR)
|
|
13.3 - Implement and Manage Secure Software Supply Chain Practices
|
|
12.4 - Implement and Manage Security for Software Applications
|
|
13.4 - Implement and Manage Secure Hardware Supply Chain Practices
|