The Information Security industry has a large variety of solutions to stop attackers in their tracks! They claim to have tools to address every type of attack, and solutions that are silver bullets against all attackers. The current trends say machine learning and AI will solve our latest problems. Yet year over year more attacks are successful and become more damaging as organizations leverage and continue to rely on technology to run the business. Following the industry trends can accumulate interesting technologies designed to stop and alert on adversaries. These solutions are powerful and even cutting-edge, yet the adversary finds a way around or through.
CIS Controls are a different approach, starting with the actual attacks occurring today and in the future. CIS Controls provide a threat-focused prioritization to build a strong information security foundation and reduce business risks. CIS Controls align with existing trends and security focuses like Zero Trust, Automation and Orchestration, leveraging Machine Learning and Artificial Intelligence. The controls add a layer of measurement and metrics to provide the business information security risk information.
The content from this webcast supports SEC566: Implementing and Auditing CIS Controls.