Fred Cobb – CISO and VP of Services, InfoSystems
Rob Ashcraft – Sr. Cyber Security Strategist
This episode of the Cybersecurity Weekly Podcast is Part 7 of our series on the Center for Internet Security Top 20 Controls. Here's a quick list of where we're at:
- Basic CIS Controls 1-6
- Foundational CIS Controls
In this episode, Fred and Rob discuss how you can protect your email and web browsers. This is the first Foundational CIS Control and is used to minimize your vulnerability to attackers. The Email and Web Browser Protections control is most impactful when a company has taken action against the first six Basic CIS Controls (following the CIS Top 20 Cybersecurity Controls).
Many companies don't consider their email applications and web browsers to be security risks. But companies that do not focus on securing these applications give cyber criminals the opportunity to exploit vulnerabilities without detection. For this reason, it's important that companies put an emphasis on securing email applications and web browsers.
There are basic steps you can take to begin protecting the email applications and web browsers your company has in use:
- Continuous Updating
- Patch Management
- Perform a Risk Assessment
- Perform a Risk Analysis (e.g. Microsoft Secure Score)
- Phishing Campaign Simulations (e.g. KnowBe4)
- Spam Filtering (e.g. Proofpoint, Barracuda)
- Disable Auto Email Forwarding
- Educate Yourself and Employees on CIS Benchmarks
- URL Blocking
- Web Content Filtering
These steps can also be used to protect other systems and applications you have in use at your company.
You can implement these controls yourself, but it may cost you a substantial amount of time, money, and effort. There are cybersecurity experts who specialize in getting these controls set up for hundreds of organizations.
Listen to the full episode to learn how your business can begin following the Center for Internet Security Top 20 Controls and make your company more secure.
More Information
We'd love to hear your feedback. If you have any questions, you can text us at 423-697-9528 or email firstname.lastname@example.org.
This episode discusses Control Seven of the CIS (Center for Internet Security) "Top 20 Controls." The Top 20 Controls are a set of prioritized best practices designed to help organizations protect themselves from cyber-attacks. It is a framework for every organization, whether you have a full department of IT support or don't have security programs or measures in place. You can learn more about the 20 CIS Controls here.
See the breakdown of these CIS Controls' Sub-Controls here.
Discover how other organizations are using these controls here.