The Center for Internet Security (CIS) Top 20 Critical Security Controls (previously known as the SANS Top 20 Critical Security Controls), is the most pervasive and dangerous threats of today are addressed by a set of prioritized best practices.
Few basic CIS controls include- Inventory and Control of Enterprise Assets, Inventory, and Control of Software Assets, Data Protection, Secure Configuration of Enterprise Assets and Software, Account Management, Access Control Management, Continuous Vulnerability Management, Audit Log Management, Email Web Browser, and Protections, Malware Defenses.
CIS Benchmarks are industry-specific documents that document how to configure IT systems, software, and networks securely. CIS Benchmarks are developed by a team of cybersecurity professionals and subject matter experts around the world, who are constantly identifying, refining, and verifying security best practices in their particular areas of expertise.
The CIS-RAM is an information security risk assessment method that helps businesses to implement and assess their security posture against cybersecurity best practices.