What Are Cybersecurity Controls?

For today’s tech tip Tuesday. I want to talk about cyber security control. What is it and why should you care? Well, Control is a component. For a home, it might be a door or it might be the lock on the door. And for an IT-related control, it might be a firewall or your username and password. A Password is a mechanism by which you can allow access, block access, or tag access in the form of a log so that you can see what’s happening on a network. And there are literally thousands of controls.

The National Institute of Standards and Technology, or NIST is the basic framework for all cybersecurity controls. In its original format, it had over 1000 controls. This can be so overwhelming to the average small to mid-sized business that they never get started because it’s just too bad.

What we have been doing is helping businesses with controls as it relates to another organization called the Center for Internet Security. The CIS has a top 20 controls list that you need to take a look at. If you just implement the top 5 of the CIS top 20 controls, it’s going to protect you at an 85% level against cyber attacks. If you implement all 20, you’re 97% protected from cyber-attacks. This is really something that is very digestible for the small to mid-sized business and is something BIS can help you with.

If you have more questions, fill out the form below. I’d be happy to discuss the CIS top 20 with you to see how it affects your business and how you can obtain a higher cyber security level maturity.