How many CIS Controls are there
The CIS Controls are divided into three main categories: Basic, Foundational, and Organisational. Each control within these categories plays a crucial role in enhancing your organisation’s cybersecurity posture by addressing specific aspects of risk management, threat detection, incident response, and overall resilience. These controls offer a structured and adaptable approach, allowing you to prioritise and implement measures that align with your organisation’s unique operational environment and risk profile.
Basic CIS security controls
Basic CIS security controls are the essential first steps to improving cybersecurity, forming a foundational framework that addresses fundamental vulnerabilities, enhances threat detection capabilities, and establishes a solid groundwork for a more comprehensive and resilient defence strategy.
Foundational CIS security controls
Foundational CIS security controls are considered the best practices for establishing a strong cybersecurity foundation, and serve as the cornerstone of a robust cybersecurity strategy, encompassing a set of vital measures designed to fortify an organisation’s digital infrastructure. By implementing these foundational controls, organisations establish a resilient baseline of protection, mitigating common threats and minimising potential avenues of exploitation.
Organisational CIS security controls
The Organisational controls help organisations to manage and sustain their cybersecurity program effectively by providing guidance and strategies that facilitate governance, risk management, continuous improvement, and a proactive culture of security awareness. These controls empower organisations to align cybersecurity efforts with business objectives, establish clear roles and responsibilities, develop incident response plans, and regularly assess and adapt security measures in response to evolving threats.
Examples of some key CIS security controls include:
Get help with your organisation's CIS Controls
If you’re looking for support with your CIS security controls, contact our team today. We can provide expert assistance in implementing and optimising your organisation’s CIS Controls to enhance cybersecurity readiness and resilience.
Protecting over 350 businesses for 20 years









