Security threats take many forms. Most owners of small and medium-sized businesses (SMBs) are aware of the need to defend against the top three– viruses, ransomware, and phishing attacks–but their organizations are generally not as prepared to deal with the risks related to employees leaking data or sharing sensitive information, whether maliciously or accidentally.
With ransomware attacks up 800% during the pandemic, cybersecurity measures have never been more pertinent. In today’s world the urgency to adopt a cyber security strategy is clear.
Many security frameworks exist and we will share why we’ve adopted the CIS (Center for Internet Security) framework as our standard and incorporate additional framework controls like HIPAA, OSFI, PCI, NIST, and others to address our client’s goals.
The CIS Controls are a set of well-vetted and supported security actions that organizations can take to assess and improve their current security state. The true power of the CIS Controls is not about creating the best list of things to do, it is harnessing the experience of a community of individuals and enterprises to make security improvements through the sharing of ideas and collective action.
CIS Control Groups
Our Certified Security Office can help you understand how we can apply CIS to organizations of any size from the SMB shop with no staff to the larger enterprises with sensitive data, regulatory and compliance needs.
To learn what CIS controls are most applicable to your organization. Schedule a call and get your no obligations sizing and scoping with our team of certified security professionals: