Schedule a Call with our Certified Security Manager

Protect your organization through CIS Controls

Schedule a Call with our Certified Security Manager

John Martynuk is a Solutions Expert with Broadview Networks and holds a CISM (Certified Information Security Manager) and CISSP (Certified Information Systems Security Professional) designation. In his current role, he helps small and medium businesses apply the same best-practice security framework that larger organizations employ at a cost-effective, small business price point. 

John Martynuk
Solutions Expert

For organizations looking to improve their security posture and improve their defenses, the CIS Critical Security Controls are a great starting point to reduce your risk of exposure and mitigate the severity of cyberattacks. Learn what CIS controls are most applicable to your organization. Schedule a call and get your no obligations sizing and scoping with our team of certified security professionals.

Basic

  1. Inventory and Control of Hardware Assets
  2. Inventory and Control of Software Assets
  3. Continuous Vulnerability Management
  4. Controlled Use of Administrative Privileges
  5. Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers
  6. Maintenance, Monitoring and Analysis of Audit Logs

Organization

17. Implement a Security Awareness and Training Program
18. Application Software Security
19. Incident Response and Management
20. Penetration Tests and Red Team Exercises

Foundational

7. Email and Web Browser Protections
8. Malware Defenses
9. Limitation and Control of Network Ports, Protocols and Services
10. Data Recovery Capabilities
11. Secure Configuration for Networks Devices, such as Firewalls, Routers and Switches
12. Boundary Defense
13. Data Protection
14. Controlled Access Based on the Need to Know
15. Wireless Access Control
16. Account Monitoring and Control

Why the CIS Controls?

The CIS Controls are a set of well-vetted and supported security actions that organizations can take to assess and improve their current security state. The true power of the CIS Controls is not about creating the best list of things to do, it is harnessing the experience of a community of individuals and enterprises to make security improvements through the sharing of ideas and collective action.