Tenable has announced a strategic partnership with the Center for Internet Security, Inc. (CIS) that will bolster cyber hygiene for both public and private sector organisations, making foundational cybersecurity more affordable, accessible and actionable.
The two primary challenges organisations face in achieving basic cyber hygiene are lean budgets and limited staff with security expertise. This partnership is an important step in making foundational cybersecurity more attainable for both small and medium-sized organisations. To this end, CIS has developed a new prioritisation scheme called the CIS Controls Assessment Specification for CIS Controls, its internationally recognised cybersecurity best practices. The CIS Controls are organised into Implementation Groups (IGs) which provide a prioritised path for organisations to improve their cybersecurity posture. IG1 represents basic cyber hygiene and the essential protections that should be put into place by all organisations.
Through its new Tenable.sc dashboard and report, Tenable is the first and only vendor to automate both the implementation and auditing of an organisation’s adherence to IG1, maximising limited budgets and resource-constrained teams. This helps organisations transform the Controls into actionable cybersecurity recommendations and integrate basic cyber hygiene across their operations.
“The vast majority of cyber-attacks aren’t the result of super sophisticated techniques. Instead, bad actors are going after low hanging fruit — lax cybersecurity measures,” said Renaud Deraison, chief technology officer and co-founder, Tenable. “Our partnership with CIS is helping organisations mature their cybersecurity programs and improve cyber hygiene with their existing resources, budget and staff.”
“The CIS Controls Assessment Specification is immediately beneficial in that it removes the need for Sub-Control interpretation that is often found in the industry,” said Curtis Dukes, CIS executive vice president and general manager, security best practices. “ Our partnership with Tenable provides a method for their customers to measure the Controls’ conformance in a uniform, comparable way.”
To make the framework even more accessible and affordable for the more than 12,000 combined Multi-State Information Sharing and Analysis Center (MS-ISAC) and Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC) members, Tenable’s solutions are now the only comprehensive, risk-based vulnerability management offerings available in the CIS CyberMarket.
For more information about the partnership, visit tenable.com/center-for-internet-security-cis-partnership.