
SANS ISC: Version 7 of the CIS Controls Released SANS ISC InfoSec Forums

Version 7 of the CIS Controls Released

The CIS Controls serve as a “prioritized set of actions to protect your organization and data from known cyber attack vectors.” Several organizations have embraced them, as outlined in the Case Studies section, which lists significant improvements to their cyber security programs and can serve as an inspiration to consider this approach to effective cyber defense.

Version 7 of the CIS Controls was recently released. This work reflects the engagement of many volunteers who helped shape this update. Several key changes were made to the CIS Controls, including the following seven principles.


1. Improve the consistency and simplify the wording of each sub-control

2. Implement "one ask" per sub-control

3. Bring more focus on authentication, encryption, and application whitelisting

4. Account for improvements in security technology and emerging security problems

5. Better align with other frameworks (such as the NIST CSF)

6. Support the development of related products (e.g. measurements/metrics, implementation guides)

7. Identify types of CIS controls (basic, foundational, and organizational)


Have you implemented the CIS Controls? If so, please share some of your experiences in our comments section. If not, consider reviewing the references below to learn more about how they could help you.


Center for Internet Security

CIS Controls

CIS Controls Version 7 – What’s Old, What’s New

Watch Launch Event Video

CIS Controls Version 7 Measures & Metrics

CIS Controls Version 7 Change Log


Russell Eubanks

ISC Handler

SANS Instructor




Mar 30th 2018
