The CIS controls were formerly known as the Critical Security Controls framework were developed and maintained by IT and Security Experts at the Centre for Internet Security (CIS) and are recognized by businesses and governments worldwide.

CIS Controls v8 was developed as an advanced release focusing on 18 key focus areas that can be further classified into the following implementation groups:
- Implementation Group 1 (IG1)
- Implementation Group 2 (IG2)
- Implementation Group 3 (IG3)
What are the 18 CIS Security Controls?
- Inventory and Control of Enterprise Assets
- Inventory and Control of Software Assets
- Data Protection
- Secure Configuration of Enterprise Assets and Software
- Account Management
- Access Control Management
- Continuous Vulnerability Management
- Audit Log Management
- E-mail and Web Browser Protections
- Malware Defenses
- Data Recovery
- Network Infrastructure Management
- Network Monitoring and Defense
- Security Awareness and Skills Training
- Service Provider Management
- Application Software Security
- Incident Response Management
- Penetration Testing
How can CloudTech24 help with your alignment to the CIS Security Controls?
CloudTech24 provide CIS alignment consulting for clients looking to implement a cyber security framework as part of an effective cyber security strategy. CloudTech24 assist organisations with an understanding of the requirements for CIS Critical Security Controls, mapping of current approach against our CIS matrix, identification of gaps and provide managed security services (MSS) leveraging leading security vendors to provide full coverage to the CIS security framework..
CloudTech24 provide fully managed and scalable security solutions managed by our global security monitor 24/7/365 days a year to provide continuous security monitoring and maintenance of cyber security protection.
Download our free CIS Implementation Guide

Submit your e-mail to download our complete CIS implementation guide detailing each of the 18 controls and the requirements to implement.
Frequently Asked Questions about CIST Security Controls:
Please see below for some common questions about CIST Security Controls. If you would prefer to speak to someone then give us a call and speak to one of our team in our global HQ to understand your requirements and learn how our security experts support other businesses in the United Kingdom (UK).
WHAT ARE CIS CONTROLS?
The CIS Controls (previously known as Critical Security Controls) are a set of recommended actions for cyber security purposes that provide specific and actionable ways to stop today’s most common and dangerous attacks.
WHAT IS THE PURPOSE OF CIS CONTROLS?
CIS Controls are designed to support your business and its security posture. It is a set of guidelines that it is recommended are implemented by all businesses where possible.
HOW MANY CIS CONTROLS ARE THERE?
There are 18 CIS controls.
WHAT IS THE DIFFERENCE BETWEEN CIS AND NIST?
CIS and NIST are ultimately very similar. Both provide frameworks and recommendations for cyber security and support businesses in securing their assets and data.
WHAT DOES CIS STAND FOR?
Center for Internet Security.