Red River Secure-EDU Cyber Security Control Framework CIS First 5 Self-Assessment Tool

CIS Controls™ are a prioritized set of actions that collectively form a defense-in-depth set of best practices that mitigate the most common attacks against systems and networks. The CIS Controls are developed by a community of IT experts who apply their first-hand experience as cyber defenders to create these globally accepted security best practices.

Red River is positioning the CIS 20 security community to assist K12 and Higher ED security leaders use CIS Controls to quickly establish the protections providing the highest payoff in their organizations. Moreover, the CIS Controls are a relatively small number of prioritized, well-vetted, and supported security actions that organizations can take to assess and improve their current security state. They also change the discussion FROM what should my District do TO what should we ALL be doing to improve security across a broad scale.

The five critical tenets of an effective cyber defense system as reflected in the CIS Controls are:

1

Offense Informs Defense:

Use knowledge of actual attacks that have compromised systems to provide the foundation to continually learn from these events to build effective, practical defenses. Include only those Controls that can be shown to stop known real-world attacks.

2

Prioritization:

Invest first in Controls that will provide the greatest risk reduction and protection against the most dangerous threat actors and that can be feasibly implemented in your computing environment.

3

Measurements and Metrics:

Establish common metrics to provide a shared language for executives, IT specialists, auditors, and security officials to measure the effectiveness of security measures within an organization so that required adjustments can be identified and implemented quickly.

4

Continuous Diagnostics and Mitigation:

Carry out continuous measurement to test and validate the effectiveness of current security measures and to help drive the priority of next steps.

5

Automation:

Automate defenses so that organizations can achieve reliable, scalable, and continuous measurements of their adherence to the Controls and related metrics.

Learn More:

For more details on the complete CIS 20 Security Controls please visit:
https://www.cisecurity.org/controls/cis-controls-list/

FEATURED RESOURCE

Download the Audit Scripts Secure-EDU CIS First 5 Self-Assessment

The time is now to ensure your K-12 & Higher Ed organization’s security framework and practices are optimized for managing risk. Red River is here to help. For more information, please contact Red River at security@redriver.com

Red River Secure-EDU Cyber Security Control Framework CIS Complete 20 Self-Assessment Tool

Organizations around the world rely on the CIS Controls security best practices to improve their cyber defenses. Red River is positioning the CIS 20 security community to assist K12 and Higher ED security leaders use CIS Controls to quickly establish the protections providing the highest payoff in their organizations. They guide you through a series of 20 foundational and advanced cybersecurity actions, where the most common attacks can be eliminated.

K-12 & Higher ED CISOs, IT security experts, compliance auditors, and more use the CIS Controls to:

Leverage the battle-tested expertise of the global IT community to defend against cyber attacks

Focus security resources based on proven best practices, not on any one vendor’s solution

Organize an effective cybersecurity program according to Implementation Groups

For additional CIS 20 control information and self-assessment tool information please go to:
https://www.auditscripts.com/category/20-critical-controls/ and https://www.cisecurity.org/cybersecurity-tools/

FEATURED RESOURCE

Download the Audit Scripts Secure-EDU CIS 20 Self-Assessment:

The time is now to ensure your K-12 & Higher Ed organization’s security framework and practices are optimized for managing risk. Red River is here to help. For more information, please contact Red River at security@redriver.com

LET’S GET STARTED

info@redriver.com

We would love to hear from you! Please fill
out the form below and we will get in touch
with you shortly, or visit our locations page for
contact information for individual offices.