
Securing Cyberspace: Insights from SANS Managing Information Security Risk with CIS Controls

In a compelling webcast (SANS Institute - YouTube), Brian Ventura of the SANS Institute delved into the details of managing information security risk using the Cybersecurity and Infrastructure Security Agency's (CIS) Critical Security Controls (CSC). Ventura, a consultant at SANS with 30 years of experience, focused on the importance of implementing controls to protect against cyber threats.


Ventura laid out the problem of increasing ransomware events and stressed the need for organizations to return to basics and consider where controls would be most effective. He highlighted the CIS Critical Security Controls, established to help organizations protect themselves from cyber threats. One of the key points discussed was the shared responsibility model, where organizations using cloud services are responsible for managing access to files and data.


He delved into the implementation of controls at both system and network levels and discussed the structure of the SANS Institute's implementation groups. He emphasized the importance of mapping controls to the techniques and tactics used by adversaries, based on community consensus and defense models.


Ventura shared that implementing just Group One of the CIS controls can offer 75% or greater protection from the five most common cyberattacks. To achieve 90% or above protection, organizations should move to Group Three and integrate additional safeguards.

The webcast also touched on the use of application control for security within an organization. While acknowledging its power, Ventura noted that it can be challenging to implement effectively. He recommended starting small with a test group and gradually expanding the use of application control as the organization becomes more comfortable with it.


The webcast also discussed the importance of using public platforms to gather information during digital footprint investigations. Details such as phone numbers, email addresses, and even resume information can be found online through search engines, proving invaluable to investigators.


The SANS Institute's presentation also highlighted the significance of ongoing monitoring and risk assessment to continually improve security postures. It mentioned various tools, such as the CIS Navigator tool, which can map between different security frameworks, and the CIS Rapid Risk Assessment Model, which provides a methodology for conducting ongoing risk assessments.


In conclusion, the SANS Institute's webcast on managing information security risk with CIS controls provided valuable insights and guidance for organizations aiming to enhance their cybersecurity measures. In the face of increasing cyber threats, the message is clear: a proactive approach, leveraging effective controls and continuous risk assessment, is crucial to ensuring robust cybersecurity.

