19 May 2021
The Center for Internet Security (CIS) officially launched CIS Controls v8, which was enhanced to keep up with evolving technology, threats, and workplaces. The pandemic changed a lot of things, and it also prompted changes in the CIS Controls.
The Center for Internet Security (CIS) officially launched CIS Controls v8, which was enhanced to keep up with evolving technology (modern systems and software), evolving threats, and even the evolving workplace. The pandemic changed a lot of things, and it also prompted changes in the CIS Controls.
There are now 18 Controls, reduced from 20; These Controls are a prioritised set of Safeguards (formerly sub-controls) to mitigate the most prevalent cyber-attacks against systems and networks, and now include Service Provider Management, an increasingly key area of cyber risk.
As before, there are 3 levels of implementation that an organisation can choose from, depending on the criticality of the information and processes. These are called Implementation Groups (IGs):
Cybercraft offers expert cyber risk governance, management and assessment services. Take a look at our Cyber Risk Assessment solution and our Fractional Chief Information Security Officer service.
19 May 2021
Application security is no longer an afterthought but something that all organisations and businesses need to be very careful about. Unsecured applications pose serious security threats since hackers can find ways to circumvent defences and attack unpatched vulnerabilities.
Read more19 May 2021
UPDATE - SolarWinds Orion vulnerability being actively exploited - Earlier this week, FireEye publicly advised that a highly sophisticated state-sponsored actor had gained access to their network and have taken a copy of the FireEye Red Team tools.
Read more19 May 2021
An Australian supplier to the legal services industry has suffered a cybersecurity incident.
Read more