Center for Internet Security


center for internet security

What is CIS Compliance?

The Center for Internet Security (CIS) Controls are a set of recommended cyber defense measures designed to protect your organization against hackers and cybercriminals. The CIS Controls prioritize low-effort, high-impact actions and tactics that will improve your cybersecurity posture immediately. (These controls were formerly known as the CIS Critical Security Controls– or CIS CSC. The version 8 update shortened the CIS CSC from 20 to 18 controls and changed the name simply to– CIS Controls.)

The CIS Controls are effective because they’ve been created based on some of the most common cyber attack patterns and trends. The standards were designed by a pool of experts from the National Security Administration (NSA) and some of the nation’s top cybersecurity forensic experts.

This makes the CIS Controls a dynamic, always-relevant framework as it’s constantly updated based on new and emerging threats.

Schedule A


Benefit from round-the-clock security monitoring and management by a dedicated team of security experts and technologies that enable you to focus on activities that are core to growing your business.

18 CIS Controls

The Center for Internet Security has put forth the 18 CIS Controls for businesses and organizations to adopt. The latest version (v8) consolidates the former CIS CSC by activities and includes some revised terminology to reflect the decreased prioritization of physical devices, fixed boundaries, and discrete islands of security implementation.



  • Inventory and Control of Enterprise Assets
  • Inventory and Control of Software Assets
  • Data Protection
  • Secure Configuration of Enterprise Assets and Software
  • Account Management


  • Access Control Management
  • Continuous Vulnerability Management
  • Audit Log Management
  • Email and Web Browser Protections
  • Malware Defenses
  • Data Recovery


  • Network Infrastructure Management
  • Network Monitoring and Defense
  • Security Awareness and Skills Training
  • Service Provider Management
  • Application Software Security
  • Incident Response Management
  • Penetration Testing


How CIS Controls Add Value to Your Organization

  • Threat Prevention: Since the CIS Controls are an evolving framework, implementation will keep your cyber defenses up-to-date with the latest threats.
  • Asset Control: By implementing CIS requirements, you’ll ensure that access is restricted to authorized personnel only.
  • Secure Communications: From email and chat to enterprise messaging apps, adopting CIS Controls keeps all communications confidential and secure.
  • Security Benchmarking: The Center for Internet Security Benchmarks are included in CIS requirements and will allow you to accurately assess your cybersecurity posture.
  • Brand Protection: Keeping hackers at bay also means keeping your business out of the headlines. Protect your reputation with CIS Controls implementation.
  • Ongoing Training: A key portion of CIS Controls implementation and adoption is training staff at all levels on basic cybersecurity best practices and cyber hygiene.

Download our CIS Controls Advisory Services Data Sheet Here


How RSI Security Can Help Your Organization

RSI Security will facilitate your implementation of the 18 CIS Controls quickly and cost-effectively. Our experts will help your organization meet CIS requirements with a collaborative, hands-on method. Here are some of the benefits of choosing RSI Security’s CIS Controls services:


Expert-Guided Implementation

Our dedicated CIS Controls experts will work with you each step of the way to complete all benchmarks and milestones. Our professionals have been working with the Center for Internet Security Controls and all previous versions of CIS CSC since their development in 2008. Our team stays up-to-date on the latest requirements for version 8 of CIS Controls.


Development of a Roadmap

RSI Security will assess your entire cybersecurity infrastructure and present a clear path towards meeting CIS requirements.


Cost and Time Effective

We’ll ensure that you meet all Center for Internet Security benchmarks within your customized timeline and budget and ensure a streamlined and precisely organized process for your team along the way.


Continual Operationalization

Our CIS Controls compliance experts won’t just get you compliant. RSI Security is a long-term partner for operationalizing the 18 CIS controls. We are a full-suite cybersecurity and compliance advisory provider.


Organizations that trust RSI Security


Start taking steps now to ensure your PCI DSS Compliance is up-to-date and avoid costly data-breach-related litigation and damage to business reputation.