Cybersecurity

CIS Controls

The CIS Controls are a prioritized list of concrete security measures, published by the Center for Internet Security, designed to be implemented progressively starting with the highest-impact controls.

Why it matters

Unlike more theoretical frameworks, the CIS Controls point to very operational actions, making them accessible to IT teams without a dedicated security expert.

Concrete example

A company starts with CIS Controls 1 and 2 (hardware and software inventory) before tackling more advanced controls.

Related notions

Security controlsCyber hygieneRisk prioritization

Assess your organization's maturity on this topic

Start the diagnostic
Back to glossary