{"id":248,"date":"2017-10-07T12:48:00","date_gmt":"2017-10-07T12:48:00","guid":{"rendered":"https:\/\/securityeverafter.com\/2017\/10\/07\/cis-controls-implementation-guide-for-small-and-medium-sized-enterprises\/"},"modified":"2023-02-22T11:38:30","modified_gmt":"2023-02-22T16:38:30","slug":"cis-controls-implementation-guide","status":"publish","type":"post","link":"https:\/\/securityeverafter.com\/cis-controls-implementation-guide\/","title":{"rendered":"CIS Controls Implementation Guide"},"content":{"rendered":"<h1 style=\"text-align: center;\">CIS Controls Implementation Guide<\/h1>\n<h1><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-1714\" style=\"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen-Sans, Ubuntu, Cantarell, 'Helvetica Neue', sans-serif; font-size: 16px;\" title=\"Female guide leading the way\" src=\"https:\/\/i0.wp.com\/securityeverafter.com\/wp-content\/uploads\/2017\/10\/Guide.jpg?resize=532%2C371&#038;ssl=1\" alt=\"Female guide leading the way\" width=\"532\" height=\"371\" srcset=\"https:\/\/i0.wp.com\/securityeverafter.com\/wp-content\/uploads\/2017\/10\/Guide.jpg?resize=1024%2C713&amp;ssl=1 1024w, https:\/\/i0.wp.com\/securityeverafter.com\/wp-content\/uploads\/2017\/10\/Guide.jpg?resize=300%2C209&amp;ssl=1 300w, https:\/\/i0.wp.com\/securityeverafter.com\/wp-content\/uploads\/2017\/10\/Guide.jpg?resize=768%2C534&amp;ssl=1 768w, https:\/\/i0.wp.com\/securityeverafter.com\/wp-content\/uploads\/2017\/10\/Guide.jpg?resize=1536%2C1069&amp;ssl=1 1536w, https:\/\/i0.wp.com\/securityeverafter.com\/wp-content\/uploads\/2017\/10\/Guide.jpg?w=2048&amp;ssl=1 2048w, https:\/\/i0.wp.com\/securityeverafter.com\/wp-content\/uploads\/2017\/10\/Guide.jpg?w=1280&amp;ssl=1 1280w, https:\/\/i0.wp.com\/securityeverafter.com\/wp-content\/uploads\/2017\/10\/Guide.jpg?w=1920&amp;ssl=1 1920w\" sizes=\"(max-width: 532px) 100vw, 532px\" \/><\/h1>\n<p>The <a href=\"https:\/\/www.cisecurity.org\/white-papers\/cis-controls-sme-guide\/\">CIS Controls Implementation Guide<\/a> was recently released by the <a href=\"https:\/\/www.cisecurity.org\/\">Center for Internet Security (CIS)<\/a>, the home of <a href=\"https:\/\/securityeverafter.com\/version-7-of-the-cis-controls-released\/\">CIS Controls<\/a> directly mapped to their <a href=\"https:\/\/www.cisecurity.org\/controls\/\">CIS Controls<\/a>. It <span style=\"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen-Sans, Ubuntu, Cantarell, 'Helvetica Neue', sans-serif;\">is<\/span><span style=\"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen-Sans, Ubuntu, Cantarell, 'Helvetica Neue', sans-serif;\"> focused on actionable steps that can be taken right now to assess and improve cyber security posture and preparedness, particularly in\u00a0small and medium-sized enterprises. Recently a <\/span><a style=\"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen-Sans, Ubuntu, Cantarell, 'Helvetica Neue', sans-serif;\" href=\"https:\/\/www.cisecurity.org\/webinar\/cybersecurity-for-small-and-medium-sized-enterprises-using-the-cis-controls\/\">webinar<\/a><span style=\"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen-Sans, Ubuntu, Cantarell, 'Helvetica Neue', sans-serif;\"> with some team members who helped develop the <\/span><a style=\"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen-Sans, Ubuntu, Cantarell, 'Helvetica Neue', sans-serif;\" href=\"https:\/\/www.cisecurity.org\/wp-content\/uploads\/2017\/09\/CIS-Controls-Guide-for-SMEs.pdf\">Implementation Guide<\/a><span style=\"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen-Sans, Ubuntu, Cantarell, 'Helvetica Neue', sans-serif;\"> was recorded.\u00a0\u00a0<\/span><\/p>\n<div><\/div>\n<div>The guide focuses on three key areas of<\/div>\n<ul>\n<li>Know your Environment<\/li>\n<li>Protect your Assets<\/li>\n<li>Prepare your Organization<\/li>\n<\/ul>\n<div><\/div>\n<div>I especially like the questions that are provided in the <a href=\"https:\/\/www.cisecurity.org\/wp-content\/uploads\/2017\/09\/CIS-Controls-Guide-for-SMEs.pdf\">Implementation Guide<\/a>.<\/div>\n<ul>\n<li>Do you know what is connected to your computers and networks?<\/li>\n<li>Do you know what software is running on your systems and networks?<\/li>\n<li>Do you set up your computers with security in mind?<\/li>\n<li>Do you manage who has access to sensitive information or who has extra privileges?<\/li>\n<li>Is your staff clear about their role in protecting your organization from cyber incidents?<\/li>\n<\/ul>\n<div><\/div>\n<div>When reviewing these questions, especially for the first time, you <span style=\"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen-Sans, Ubuntu, Cantarell, 'Helvetica Neue', sans-serif;\">may not like your answers very much. I encourage you to use your answers as motivation to apply focused attention to achieve better solutions over the next 30 days. No matter the size of your enterprise, I believe there is something in the <\/span><a style=\"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen-Sans, Ubuntu, Cantarell, 'Helvetica Neue', sans-serif;\" href=\"https:\/\/www.cisecurity.org\/wp-content\/uploads\/2017\/09\/CIS-Controls-Guide-for-SMEs.pdf\">Implementation Guide<\/a><span style=\"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen-Sans, Ubuntu, Cantarell, 'Helvetica Neue', sans-serif;\">\u00a0for you!<\/span><\/div>\n<div><\/div>\n<div>I <a href=\"https:\/\/isc.sans.edu\/diary\/CIS+Controls+Implementation+Guide+for+Smalland+MediumSized+Enterprises\/22906\">recently posted this article<\/a> on the <a href=\"https:\/\/isc.sans.edu\/diaryarchive.html\">SANS Internet Storm Center site<\/a>.<\/div>\n<div><\/div>\n<div><a href=\"https:\/\/www.securityeverafter.com\/community\">Subscribe<span class=\"Apple-converted-space\"> t<\/span>o our email list<\/a> to get more cybersecurity content delivered to your Inbox!<\/div>\n","protected":false},"excerpt":{"rendered":"<p>CIS Controls Implementation Guide The CIS Controls Implementation Guide was recently released by the Center for Internet Security (CIS), the home of CIS Controls directly mapped to their CIS Controls. It is focused on actionable steps that can be taken right now to assess and improve cyber security posture and preparedness, particularly in\u00a0small and medium-sized [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":550,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[30,12,31],"tags":[],"jetpack_publicize_connections":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.7 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>CIS Controls Implementation Guide - Security Ever After - vCISO<\/title>\n<meta name=\"description\" content=\"CIS Controls Implementation Guide was recently released and is focused on three key areas\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/securityeverafter.com\/cis-controls-implementation-guide\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CIS Controls Implementation Guide - Security Ever After - vCISO\" \/>\n<meta property=\"og:description\" content=\"CIS Controls Implementation Guide was recently released and is focused on three key areas\" \/>\n<meta property=\"og:url\" content=\"https:\/\/securityeverafter.com\/cis-controls-implementation-guide\/\" \/>\n<meta property=\"og:site_name\" content=\"Security Ever After - vCISO\" \/>\n<meta property=\"article:published_time\" content=\"2017-10-07T12:48:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-02-22T16:38:30+00:00\" \/>\n<meta name=\"author\" content=\"Russell\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@russelleubanks\" \/>\n<meta name=\"twitter:site\" content=\"@russelleubanks\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Russell\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/securityeverafter.com\/cis-controls-implementation-guide\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/securityeverafter.com\/cis-controls-implementation-guide\/\"},\"author\":{\"name\":\"Russell\",\"@id\":\"https:\/\/securityeverafter.com\/#\/schema\/person\/38dd34bdece8068be18430e4c96ce5f3\"},\"headline\":\"CIS Controls Implementation Guide\",\"datePublished\":\"2017-10-07T12:48:00+00:00\",\"dateModified\":\"2023-02-22T16:38:30+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/securityeverafter.com\/cis-controls-implementation-guide\/\"},\"wordCount\":248,\"commentCount\":1,\"publisher\":{\"@id\":\"https:\/\/securityeverafter.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/securityeverafter.com\/cis-controls-implementation-guide\/#primaryimage\"},\"thumbnailUrl\":\"\",\"articleSection\":[\"Critical Security Controls\",\"cyber security\",\"Lessons Learned\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/securityeverafter.com\/cis-controls-implementation-guide\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/securityeverafter.com\/cis-controls-implementation-guide\/\",\"url\":\"https:\/\/securityeverafter.com\/cis-controls-implementation-guide\/\",\"name\":\"CIS Controls Implementation Guide - Security Ever After - vCISO\",\"isPartOf\":{\"@id\":\"https:\/\/securityeverafter.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/securityeverafter.com\/cis-controls-implementation-guide\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/securityeverafter.com\/cis-controls-implementation-guide\/#primaryimage\"},\"thumbnailUrl\":\"\",\"datePublished\":\"2017-10-07T12:48:00+00:00\",\"dateModified\":\"2023-02-22T16:38:30+00:00\",\"description\":\"CIS Controls Implementation Guide was recently released and is focused on three key areas\",\"breadcrumb\":{\"@id\":\"https:\/\/securityeverafter.com\/cis-controls-implementation-guide\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/securityeverafter.com\/cis-controls-implementation-guide\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/securityeverafter.com\/cis-controls-implementation-guide\/#primaryimage\",\"url\":\"\",\"contentUrl\":\"\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/securityeverafter.com\/cis-controls-implementation-guide\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/securityeverafter.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"CIS Controls Implementation Guide\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/securityeverafter.com\/#website\",\"url\":\"https:\/\/securityeverafter.com\/\",\"name\":\"Security Ever After - CISO\",\"description\":\"vCISO\",\"publisher\":{\"@id\":\"https:\/\/securityeverafter.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/securityeverafter.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/securityeverafter.com\/#organization\",\"name\":\"Security Ever After\",\"url\":\"https:\/\/securityeverafter.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/securityeverafter.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/i0.wp.com\/securityeverafter.com\/wp-content\/uploads\/2020\/04\/SECURITY-e1589664916497.jpg?fit=1169%2C826&ssl=1\",\"contentUrl\":\"https:\/\/i0.wp.com\/securityeverafter.com\/wp-content\/uploads\/2020\/04\/SECURITY-e1589664916497.jpg?fit=1169%2C826&ssl=1\",\"width\":1169,\"height\":826,\"caption\":\"Security Ever After\"},\"image\":{\"@id\":\"https:\/\/securityeverafter.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/russelleubanks\",\"https:\/\/www.linkedin.com\/in\/russelleubanks\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/securityeverafter.com\/#\/schema\/person\/38dd34bdece8068be18430e4c96ce5f3\",\"name\":\"Russell\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/securityeverafter.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/8567bffe1f64223494326650c53f921b?s=96&r=pg\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/8567bffe1f64223494326650c53f921b?s=96&r=pg\",\"caption\":\"Russell\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CIS Controls Implementation Guide - Security Ever After - vCISO","description":"CIS Controls Implementation Guide was recently released and is focused on three key areas","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/securityeverafter.com\/cis-controls-implementation-guide\/","og_locale":"en_US","og_type":"article","og_title":"CIS Controls Implementation Guide - Security Ever After - vCISO","og_description":"CIS Controls Implementation Guide was recently released and is focused on three key areas","og_url":"https:\/\/securityeverafter.com\/cis-controls-implementation-guide\/","og_site_name":"Security Ever After - vCISO","article_published_time":"2017-10-07T12:48:00+00:00","article_modified_time":"2023-02-22T16:38:30+00:00","author":"Russell","twitter_card":"summary_large_image","twitter_creator":"@russelleubanks","twitter_site":"@russelleubanks","twitter_misc":{"Written by":"Russell","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/securityeverafter.com\/cis-controls-implementation-guide\/#article","isPartOf":{"@id":"https:\/\/securityeverafter.com\/cis-controls-implementation-guide\/"},"author":{"name":"Russell","@id":"https:\/\/securityeverafter.com\/#\/schema\/person\/38dd34bdece8068be18430e4c96ce5f3"},"headline":"CIS Controls Implementation Guide","datePublished":"2017-10-07T12:48:00+00:00","dateModified":"2023-02-22T16:38:30+00:00","mainEntityOfPage":{"@id":"https:\/\/securityeverafter.com\/cis-controls-implementation-guide\/"},"wordCount":248,"commentCount":1,"publisher":{"@id":"https:\/\/securityeverafter.com\/#organization"},"image":{"@id":"https:\/\/securityeverafter.com\/cis-controls-implementation-guide\/#primaryimage"},"thumbnailUrl":"","articleSection":["Critical Security Controls","cyber security","Lessons Learned"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/securityeverafter.com\/cis-controls-implementation-guide\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/securityeverafter.com\/cis-controls-implementation-guide\/","url":"https:\/\/securityeverafter.com\/cis-controls-implementation-guide\/","name":"CIS Controls Implementation Guide - Security Ever After - vCISO","isPartOf":{"@id":"https:\/\/securityeverafter.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/securityeverafter.com\/cis-controls-implementation-guide\/#primaryimage"},"image":{"@id":"https:\/\/securityeverafter.com\/cis-controls-implementation-guide\/#primaryimage"},"thumbnailUrl":"","datePublished":"2017-10-07T12:48:00+00:00","dateModified":"2023-02-22T16:38:30+00:00","description":"CIS Controls Implementation Guide was recently released and is focused on three key areas","breadcrumb":{"@id":"https:\/\/securityeverafter.com\/cis-controls-implementation-guide\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/securityeverafter.com\/cis-controls-implementation-guide\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/securityeverafter.com\/cis-controls-implementation-guide\/#primaryimage","url":"","contentUrl":""},{"@type":"BreadcrumbList","@id":"https:\/\/securityeverafter.com\/cis-controls-implementation-guide\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/securityeverafter.com\/"},{"@type":"ListItem","position":2,"name":"CIS Controls Implementation Guide"}]},{"@type":"WebSite","@id":"https:\/\/securityeverafter.com\/#website","url":"https:\/\/securityeverafter.com\/","name":"Security Ever After - CISO","description":"vCISO","publisher":{"@id":"https:\/\/securityeverafter.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/securityeverafter.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/securityeverafter.com\/#organization","name":"Security Ever After","url":"https:\/\/securityeverafter.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/securityeverafter.com\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/securityeverafter.com\/wp-content\/uploads\/2020\/04\/SECURITY-e1589664916497.jpg?fit=1169%2C826&ssl=1","contentUrl":"https:\/\/i0.wp.com\/securityeverafter.com\/wp-content\/uploads\/2020\/04\/SECURITY-e1589664916497.jpg?fit=1169%2C826&ssl=1","width":1169,"height":826,"caption":"Security Ever After"},"image":{"@id":"https:\/\/securityeverafter.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/russelleubanks","https:\/\/www.linkedin.com\/in\/russelleubanks\/"]},{"@type":"Person","@id":"https:\/\/securityeverafter.com\/#\/schema\/person\/38dd34bdece8068be18430e4c96ce5f3","name":"Russell","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/securityeverafter.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/8567bffe1f64223494326650c53f921b?s=96&r=pg","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/8567bffe1f64223494326650c53f921b?s=96&r=pg","caption":"Russell"}}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack-related-posts":[],"_links":{"self":[{"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/posts\/248"}],"collection":[{"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/comments?post=248"}],"version-history":[{"count":2,"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/posts\/248\/revisions"}],"predecessor-version":[{"id":1715,"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/posts\/248\/revisions\/1715"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/securityeverafter.com\/wp-json\/"}],"wp:attachment":[{"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/media?parent=248"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/categories?post=248"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/tags?post=248"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}