{"id":262,"date":"2015-10-17T14:33:00","date_gmt":"2015-10-17T14:33:00","guid":{"rendered":"https:\/\/belayclientstaging.zone\/securityeverafter\/2015\/10\/17\/cis-critical-security-controls-version-6-0\/"},"modified":"2015-10-17T14:33:00","modified_gmt":"2015-10-17T14:33:00","slug":"cis-critical-security-controls-version-6-0","status":"publish","type":"post","link":"https:\/\/securityeverafter.com\/cis-critical-security-controls-version-6-0\/","title":{"rendered":"CIS Critical Security Controls &#8211; Version 6.0"},"content":{"rendered":"<p>I recently posted the&nbsp;<a href=\"https:\/\/isc.sans.edu\/diary\/CIS+Critical+Security+Controls+-+Version+6.0\/20267\">below<\/a>&nbsp;on the&nbsp;<a href=\"https:\/\/isc.sans.edu\/\">SANS Internet Storm Center<\/a>.<\/p>\n<div><\/div>\n<div><\/div>\n<div><!--?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"no\"?--> <\/p>\n<div style=\"font-family: 'Helvetica Neue'; font-size: 14px;\">Right in the middle of <a href=\"http:\/\/www.dhs.gov\/national-cyber-security-awareness-month\">Cyber Security Awareness Month (CSAM)<\/a>, the <a href=\"https:\/\/www.cisecurity.org\/\">Center for Internet Security (CIS)<\/a> released&nbsp;<a href=\"http:\/\/www.cisecurity.org\/critical-controls.cfm\">Version 6.0&nbsp;of the&nbsp;CIS&nbsp;Critical&nbsp;Security&nbsp;Controls&nbsp;for&nbsp;Effective&nbsp;Cyber&nbsp;Defense<\/a>.&nbsp;This update&nbsp;incorporates significant changes that represent the&nbsp;latest&nbsp;technologies&nbsp;and&nbsp;threats faced by information security professionals. The most notable changes to the <a href=\"http:\/\/www.cisecurity.org\/critical-controls.cfm\">CIS Critical Security Controls<\/a> are listed below and discussed at length in the <a href=\"https:\/\/www.sans.org\/webcasts\/100852\">archived webcast<\/a>. <\/div>\n<div style=\"font-family: 'Helvetica Neue'; font-size: 14px;\">\n<div><\/div>\n<ul>\n<li>A&nbsp;new&nbsp;Control&nbsp;for&nbsp;Email&nbsp;and&nbsp;Web&nbsp;Browser&nbsp;Protections<\/li>\n<li>Deletion&nbsp;of&nbsp;the&nbsp;Control&nbsp;on&nbsp;Secure&nbsp;Network&nbsp;Engineering<\/li>\n<li>Reordering&nbsp;of&nbsp;the&nbsp;Controls&nbsp;to&nbsp;make&nbsp;Controlled&nbsp;Use&nbsp;of&nbsp;Administration Privileges&nbsp;higher&nbsp;in&nbsp;priority<\/li>\n<\/ul>\n<\/div>\n<div style=\"font-family: 'Helvetica Neue'; font-size: 14px;\"><\/div>\n<div style=\"font-family: 'Helvetica Neue'; font-size: 14px;\">I believe this update positions the <a href=\"http:\/\/www.cisecurity.org\/critical-controls.cfm\">CIS Critical Security Controls<\/a> to remain both an actionable and relevant framework to build and sustain an effective cyber security program. Implementing them has been the catalyst to many organizations demonstrably increasing their cyber security posture. With intentional planning and focus, you can too. The following are several steps you can take right now to start or continue on your journey. <\/div>\n<div style=\"font-family: 'Helvetica Neue'; font-size: 14px;\"><\/div>\n<div style=\"font-family: 'Helvetica Neue'; font-size: 14px;\">\n<div><a href=\"http:\/\/www.cisecurity.org\/documents\/CSCPressRelease.pdf\">View the press release<\/a><\/div>\n<div><a href=\"https:\/\/www.sans.org\/webcasts\/cis-critical-security-controls-briefing-100852\">View the agenda from the briefing<\/a><\/div>\n<div><a href=\"https:\/\/www.sans.org\/webcasts\/100852\">Watch the archived webcast<\/a><\/div>\n<div><a href=\"http:\/\/www.cisecurity.org\/critical-controls.cfm\">Download Version 6.0 of the CIS Critical Security Controls<\/a><\/div>\n<div><a href=\"https:\/\/isc.sans.edu\/tag.html?tag=Cyber%20Security%20Awareness%20Month%202011\">Review the 2011 Internet Storm Center Series on the Critical Security Controls<\/a><\/div>\n<\/div>\n<div style=\"font-family: 'Helvetica Neue'; font-size: 14px;\"><a href=\"https:\/\/www.sans.org\/critical-security-controls\/\">Learn more about the Critical Security Controls on the SANS website<\/a><\/div>\n<div style=\"font-family: 'Helvetica Neue'; font-size: 14px;\"><\/div>\n<div style=\"font-family: 'Helvetica Neue'; font-size: 14px;\">\n<div>What will you do differently at your organization as a result of this update? Use the comments field to share your feedback! <\/div>\n<div><\/div>\n<div>Russell Eubanks <\/div>\n<div><a href=\"https:\/\/isc.sans.edu\/handler_list.html\">ISC Handler<\/a><\/div>\n<div><a href=\"http:\/\/twitter.com\/russelleubanks\"><span style=\"color: #006699;\">@russelleubanks<\/span><\/a><\/div>\n<\/div>\n<div style=\"font-family: 'Helvetica Neue'; font-size: 14px;\"><a href=\"https:\/\/www.sans.org\/event\/security-leadership-summit-2015\"><span style=\"color: #006699;\">SANS Security&nbsp;Leadership&nbsp;Summit<\/span><\/a><\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>I recently posted the&nbsp;below&nbsp;on the&nbsp;SANS Internet Storm Center. Right in the middle of Cyber Security Awareness Month (CSAM), the Center for Internet Security (CIS) released&nbsp;Version 6.0&nbsp;of the&nbsp;CIS&nbsp;Critical&nbsp;Security&nbsp;Controls&nbsp;for&nbsp;Effective&nbsp;Cyber&nbsp;Defense.&nbsp;This update&nbsp;incorporates significant changes that represent the&nbsp;latest&nbsp;technologies&nbsp;and&nbsp;threats faced by information security professionals. The most notable changes to the CIS Critical Security Controls are listed below and discussed at length [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[7,21,22],"tags":[],"jetpack_publicize_connections":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.7 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>CIS Critical Security Controls - Version 6.0 - Security Ever After - vCISO<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/securityeverafter.com\/cis-critical-security-controls-version-6-0\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CIS Critical Security Controls - Version 6.0 - Security Ever After - vCISO\" \/>\n<meta property=\"og:description\" content=\"I recently posted the&nbsp;below&nbsp;on the&nbsp;SANS Internet Storm Center. Right in the middle of Cyber Security Awareness Month (CSAM), the Center for Internet Security (CIS) released&nbsp;Version 6.0&nbsp;of the&nbsp;CIS&nbsp;Critical&nbsp;Security&nbsp;Controls&nbsp;for&nbsp;Effective&nbsp;Cyber&nbsp;Defense.&nbsp;This update&nbsp;incorporates significant changes that represent the&nbsp;latest&nbsp;technologies&nbsp;and&nbsp;threats faced by information security professionals. The most notable changes to the CIS Critical Security Controls are listed below and discussed at length [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/securityeverafter.com\/cis-critical-security-controls-version-6-0\/\" \/>\n<meta property=\"og:site_name\" content=\"Security Ever After - vCISO\" \/>\n<meta property=\"article:published_time\" content=\"2015-10-17T14:33:00+00:00\" \/>\n<meta name=\"author\" content=\"Russell\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@russelleubanks\" \/>\n<meta name=\"twitter:site\" content=\"@russelleubanks\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Russell\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/securityeverafter.com\/cis-critical-security-controls-version-6-0\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/securityeverafter.com\/cis-critical-security-controls-version-6-0\/\"},\"author\":{\"name\":\"Russell\",\"@id\":\"https:\/\/securityeverafter.com\/#\/schema\/person\/38dd34bdece8068be18430e4c96ce5f3\"},\"headline\":\"CIS Critical Security Controls &#8211; Version 6.0\",\"datePublished\":\"2015-10-17T14:33:00+00:00\",\"dateModified\":\"2015-10-17T14:33:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/securityeverafter.com\/cis-critical-security-controls-version-6-0\/\"},\"wordCount\":304,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/securityeverafter.com\/#organization\"},\"articleSection\":[\"Leadership\",\"Operational Security\",\"SANS Top 20 Controls\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/securityeverafter.com\/cis-critical-security-controls-version-6-0\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/securityeverafter.com\/cis-critical-security-controls-version-6-0\/\",\"url\":\"https:\/\/securityeverafter.com\/cis-critical-security-controls-version-6-0\/\",\"name\":\"CIS Critical Security Controls - Version 6.0 - Security Ever After - vCISO\",\"isPartOf\":{\"@id\":\"https:\/\/securityeverafter.com\/#website\"},\"datePublished\":\"2015-10-17T14:33:00+00:00\",\"dateModified\":\"2015-10-17T14:33:00+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/securityeverafter.com\/cis-critical-security-controls-version-6-0\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/securityeverafter.com\/cis-critical-security-controls-version-6-0\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/securityeverafter.com\/cis-critical-security-controls-version-6-0\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/securityeverafter.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"CIS Critical Security Controls &#8211; Version 6.0\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/securityeverafter.com\/#website\",\"url\":\"https:\/\/securityeverafter.com\/\",\"name\":\"Security Ever After - CISO\",\"description\":\"vCISO\",\"publisher\":{\"@id\":\"https:\/\/securityeverafter.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/securityeverafter.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/securityeverafter.com\/#organization\",\"name\":\"Security Ever After\",\"url\":\"https:\/\/securityeverafter.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/securityeverafter.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/i0.wp.com\/securityeverafter.com\/wp-content\/uploads\/2020\/04\/SECURITY-e1589664916497.jpg?fit=1169%2C826&ssl=1\",\"contentUrl\":\"https:\/\/i0.wp.com\/securityeverafter.com\/wp-content\/uploads\/2020\/04\/SECURITY-e1589664916497.jpg?fit=1169%2C826&ssl=1\",\"width\":1169,\"height\":826,\"caption\":\"Security Ever After\"},\"image\":{\"@id\":\"https:\/\/securityeverafter.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/russelleubanks\",\"https:\/\/www.linkedin.com\/in\/russelleubanks\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/securityeverafter.com\/#\/schema\/person\/38dd34bdece8068be18430e4c96ce5f3\",\"name\":\"Russell\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/securityeverafter.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/8567bffe1f64223494326650c53f921b?s=96&r=pg\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/8567bffe1f64223494326650c53f921b?s=96&r=pg\",\"caption\":\"Russell\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CIS Critical Security Controls - Version 6.0 - Security Ever After - vCISO","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/securityeverafter.com\/cis-critical-security-controls-version-6-0\/","og_locale":"en_US","og_type":"article","og_title":"CIS Critical Security Controls - Version 6.0 - Security Ever After - vCISO","og_description":"I recently posted the&nbsp;below&nbsp;on the&nbsp;SANS Internet Storm Center. Right in the middle of Cyber Security Awareness Month (CSAM), the Center for Internet Security (CIS) released&nbsp;Version 6.0&nbsp;of the&nbsp;CIS&nbsp;Critical&nbsp;Security&nbsp;Controls&nbsp;for&nbsp;Effective&nbsp;Cyber&nbsp;Defense.&nbsp;This update&nbsp;incorporates significant changes that represent the&nbsp;latest&nbsp;technologies&nbsp;and&nbsp;threats faced by information security professionals. The most notable changes to the CIS Critical Security Controls are listed below and discussed at length [&hellip;]","og_url":"https:\/\/securityeverafter.com\/cis-critical-security-controls-version-6-0\/","og_site_name":"Security Ever After - vCISO","article_published_time":"2015-10-17T14:33:00+00:00","author":"Russell","twitter_card":"summary_large_image","twitter_creator":"@russelleubanks","twitter_site":"@russelleubanks","twitter_misc":{"Written by":"Russell","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/securityeverafter.com\/cis-critical-security-controls-version-6-0\/#article","isPartOf":{"@id":"https:\/\/securityeverafter.com\/cis-critical-security-controls-version-6-0\/"},"author":{"name":"Russell","@id":"https:\/\/securityeverafter.com\/#\/schema\/person\/38dd34bdece8068be18430e4c96ce5f3"},"headline":"CIS Critical Security Controls &#8211; Version 6.0","datePublished":"2015-10-17T14:33:00+00:00","dateModified":"2015-10-17T14:33:00+00:00","mainEntityOfPage":{"@id":"https:\/\/securityeverafter.com\/cis-critical-security-controls-version-6-0\/"},"wordCount":304,"commentCount":0,"publisher":{"@id":"https:\/\/securityeverafter.com\/#organization"},"articleSection":["Leadership","Operational Security","SANS Top 20 Controls"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/securityeverafter.com\/cis-critical-security-controls-version-6-0\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/securityeverafter.com\/cis-critical-security-controls-version-6-0\/","url":"https:\/\/securityeverafter.com\/cis-critical-security-controls-version-6-0\/","name":"CIS Critical Security Controls - Version 6.0 - Security Ever After - vCISO","isPartOf":{"@id":"https:\/\/securityeverafter.com\/#website"},"datePublished":"2015-10-17T14:33:00+00:00","dateModified":"2015-10-17T14:33:00+00:00","breadcrumb":{"@id":"https:\/\/securityeverafter.com\/cis-critical-security-controls-version-6-0\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/securityeverafter.com\/cis-critical-security-controls-version-6-0\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/securityeverafter.com\/cis-critical-security-controls-version-6-0\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/securityeverafter.com\/"},{"@type":"ListItem","position":2,"name":"CIS Critical Security Controls &#8211; Version 6.0"}]},{"@type":"WebSite","@id":"https:\/\/securityeverafter.com\/#website","url":"https:\/\/securityeverafter.com\/","name":"Security Ever After - CISO","description":"vCISO","publisher":{"@id":"https:\/\/securityeverafter.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/securityeverafter.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/securityeverafter.com\/#organization","name":"Security Ever After","url":"https:\/\/securityeverafter.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/securityeverafter.com\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/securityeverafter.com\/wp-content\/uploads\/2020\/04\/SECURITY-e1589664916497.jpg?fit=1169%2C826&ssl=1","contentUrl":"https:\/\/i0.wp.com\/securityeverafter.com\/wp-content\/uploads\/2020\/04\/SECURITY-e1589664916497.jpg?fit=1169%2C826&ssl=1","width":1169,"height":826,"caption":"Security Ever After"},"image":{"@id":"https:\/\/securityeverafter.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/russelleubanks","https:\/\/www.linkedin.com\/in\/russelleubanks\/"]},{"@type":"Person","@id":"https:\/\/securityeverafter.com\/#\/schema\/person\/38dd34bdece8068be18430e4c96ce5f3","name":"Russell","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/securityeverafter.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/8567bffe1f64223494326650c53f921b?s=96&r=pg","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/8567bffe1f64223494326650c53f921b?s=96&r=pg","caption":"Russell"}}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack-related-posts":[],"_links":{"self":[{"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/posts\/262"}],"collection":[{"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/comments?post=262"}],"version-history":[{"count":0,"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/posts\/262\/revisions"}],"wp:attachment":[{"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/media?parent=262"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/categories?post=262"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/tags?post=262"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}