Reading 04 - Foodisthebest/401-Reading-Notes GitHub Wiki

Readings: Systems Hardening with CIS Standards

Below you will find reading materials and additional resources that support today’s topic and the upcoming lecture.

Review the Submission Instructions for guidance on completing and submitting this assignment.

Reading

CIS Benchmarks

What are three benefits of following CIS Benchmarks?

  • Regularly updated and explicit guidance for securing every area of an IT infrastructure.
  • Collective expertise of global IT and cybersecurity professionals.
  • Consistency of compliance management.

What are the seven core categories of CIS Benchmarks?

  1. Operating systems benchmarks
  2. Server software benchmarks
  3. Cloud provider benchmarks
  4. Mobile device benchmarks
  5. Network device benchmarks
  6. Desktop software benchmarks
  7. Multi-function print device benchmarks

How would you convince your manager that applying CIS Benchmarks could fast-track your organization’s compliance?

Because CIS Benchmarks cover basically every cybersecurity practice, and even offer hardened operating system images, one benefit is that they are easy to implement with minimal operational disruption. They also "map to" security and data privacy regulations, namely "NIST (National Institute of Standards and Technology) Cybersecurity Framework, the PCI DSS (Payment Card Industry Data Security Standard), HIPAA (Health Insurance Portability and Accountability Act), and ISO/IEC 2700." Adopting them is basically a freebie compared with struggling to find ways to implement your own security framework.

Sources: https://www.ibm.com/topics/cis-benchmarks

Additional Resources

The below resources are not a part of this reading assignment but will enrich your understanding of the topic.

Bookmark and Review

  • Center for Internet Security (CIS)
  • Basics of the CIS Hardening Guidelines
  • Case Study: How CIS Controls Can Limit the Cascading Failures During an Attack

Things I Want to Know More About

Security frameworks and whether they can be applied to the average user.