How can you implement CIS controls with Versio.io to enhance your cybersecurity?

Mapping CIS Controls to Versio.io functionality

How to implement cyber security assurance based on CIS controls with Versio.io?

The Center for Internet Security (CIS) is a non-profit organization that provides cybersecurity solutions and services to governments and businesses around the world. Its mission is to help organizations reduce their risk of cyberattacks and protect their sensitive information.
CIS controls, also known as Center for Internet Security controls, are a set of cybersecurity best practices that organizations can implement to improve their security posture and reduce the risk of cyberattacks. These controls are organized into 18 categories (version 8), each with a set of specific recommendations. The following table illustrates which CIS Controls can be efficiently implemented with Versio.io:
 
CIS Control ID, Topic, Versio.io coverage rate, Versio.io solution offering
1 Inventory and Control of Enterprise Assets 100%
  • Infrastructure inventory including historization and change & topology detection
  • Support for hosts (servers, workstations, mainframes), hypervisors, cloud & containerization platforms, network routers/switches, firewalls, network-attached storage
  • Detection of unknown assets
2 Inventory and Control of Software Assets 100%
  • Application stack inventory including historization and change & topology detection
  • Support for containers, processes (including libraries, frameworks and plugins), services, configurations, applications
3 Data Protection 100%
  • Identification and classification of data repositories on the basis of asset inventory and protection requirements assessment
  • Capture of the status of data in the form of assets
  • Mining and monitoring of data-oriented ETL and batch job processes
4 Secure Configuration of Enterprise Assets and Software 100%
  • CIS-based governance rule content repository
  • Adopt, define and verify governance rules
5 Account Management 25%
  • Inventory and change detection of user accounts
  • Verification and monitoring of user account states
6 Access Control Management 25%
  • Inventory and change detection of access authorizations, roles, groups and rights
  • Verification and monitoring of the status of access authorizations
7 Continuous Vulnerability Management 100%
  • Release, patch & end-of-life assessment
  • IT security vulnerability and exposure detection (CVE)
  • Adopt, define and verify security-relevant governance rules
8 Audit Log Management 75%
  • Audit log of third-party system configurations
  • Inventory of third-party system events
  • Inventory of infrastructure, application and organization stack
  • Recovery of third-party system configuration states
9 Email and Web Browser Protections 0%
  • No functional scope of the Versio.io solution
10 Malware Defenses 0%
  • No functional scope of the Versio.io solution
11 Data Recovery 50%
  • Audit log / inventory of third-party system configurations
  • Recovery of third-party system configuration states
  • Mining and monitoring of data recovery processes
12 Network Infrastructure Management 100%
  • Network infrastructure inventory including historization and change & topology detection
  • Support for network routers/switches, network firewalls, network-attached storage
  • Verification and monitoring of the network infrastructure assets (configuration, state)
  • Release, patch & end-of-life assessment
  • IT security vulnerability and exposure detection (CVE)
13 Network Monitoring and Defense 0%
  • No functional scope of the Versio.io solution
14 Security Awareness and Skills Training 50%
  • Calculation of the protection requirement for each asset on the basis of the protection requirement analyses and topologies defined by the customer
  • Governance rules repository for the verification of security-relevant configurations and states
15 Service Provider Management 0%
  • Organizational process level
16 Application Software Security 100%
  • Release, patch & end-of-life assessment
  • IT security vulnerability and exposure detection (CVE)
17 Incident Response Management 0%
  • Organizational process level
18 Penetration Testing 0%
  • No functional scope of the Versio.io solution
 

Author | April 2023


Contact person
Matthias Scholze
Chief Technology Officer
P:  +49-30-221986-51


Keywords: Center for Internet Security, CIS, Controls, Cybersecurity, Best practices, Community, IT governance
