Implementing the 20 CIS Critical Security Controls
Securing company information is a significant responsibility that can be stressful and overwhelming, but you're not alone. This course will provide you with a comprehensive but digestible framework to confront a majority of infosec risks.
What you'll learn
A question familiar to every information security professional is, “where do I start?” The CIS Controls get to the heart of the information security problem, putting security professionals in a position to make immediate and meaningful progress early in an information security program. In this course, Implementing the 20 CIS Critical Security Controls, you will find a practical framework to manage information security risks. First, you will learn about the history and purpose of the CIS controls. Next, you will learn about implementation groups to better understand the controls and sub-controls that make sense for your organization to implement. Finally, you will be equipped with 20 controls and over 170 sub-controls that can be customized to meet your organization's unique security requirements. When you're finished with this course, you will have the fundamental knowledge to address a majority of information security risks in your organization.
Table of contents
- Module Introduction 1m
- Inventory and Control of Hardware Assets 10m
- Inventory and Control of Software Assets 9m
- Continuous Vulnerability Management 9m
- Controlled Use of Administrative Privileges 8m
- Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers 7m
- Maintenance, Monitoring, and Analysis of Audit Logs 8m
- Summary 1m
About the author
Taylor Jones is a Data Security Officer and security enthusiast/evangelist who loves to teach. His primary focus is helping everyday business leaders and users jettison fear, uncertainty, and doubt (FUD) as they work toward identifying and addressing their security risks. Leaning heavily on the fundamentals and time-tested best practices, Taylor is passionate about overcoming modern security challenges through meaningful solutions that reduce complexity and provide measurable risk reduction. He ... more