by pec1960
What is the CIS Top 20?
As advisors to businesses with varied and complex security needs across a range of compliance and regulatory environments, Horn has adopted a security assessment strategy that follows the recommendations of the Center for Internet Security (CIS) Top 20 Critical Security Controls. This assessment guideline represents the best practices that are most broadly applicable to most industries.
What kind of business should have a CIS Top 20 Assessment?
From our point of view, every business! If you have any questions about your business technology security, the CIS Top 20 assessment is the most straightforward way to get a quick handle on whether your business has the technical controls necessary to protect your data.
Certainly, if your business is subject to compliance requirements, it is your responsibility to pursue assessment. The CIS Top 20 will identify gaps in your security posture that your stakeholders and regulating bodies will require to be remediated.
If your business is not subject to compliance regimes, you still have an obligation to your stakeholders to ensure that your data is as secure as possible. The reputational damage caused by a breach could, on its own, be ruinous. A phishing or ransomware attack could shut down your ability to do business and cause your customers to question your reliability.
Luckily, the CIS Top 20 review is a relatively quick and painless process that will help you understand where your security strengths and weaknesses are, and how to correct them. Most businesses complete the process within a few hours, spread over two weeks. In our next post, we’ll get into the details of that process, but in the meantime, if you think your business should have a best practices review, give us a call: 416 421 1085.

