CIS Top 20 Controls 

What is CIS Top 20 security controls?

The Center for Internet Security Critical Security Controls (CIS CSC) were created in coordination with US DHS, NSA, SANS and other groups to establish a set of the 20 most critical security controls to ensure cyber security. Now on Version 7, CIS Top 20 contains over 170 sub-controls with specific target levels for compliance. 

While originally designed for IT, Verve has worked with our clients to adapt the standard into the OT/ICS environment, enabling a single standard across IT & OT.  Verve works closely with industrial organizations to establish CSC Top 20 programs and build dynamic compliance and security management processes. With the Verve Security Center platform, visibility into measurement, alerting and discovery is enhanced by supporting services.

Verve’s software and solutions are vendor-agnostic and provide integrated reporting of all necessary components for compliance of CIS controls.

CIS Controls Mapping to Verve Industrial Protection

View the full CIS Control Datasheet

 

Our Customer Success

"We chose Verve because we needed to implement the CIS controls within an Industrial Control System environment required working with vendors with exeprience in this space. The need was to build a consistent method of gathering hardware and software assets within a diverse ICS environment in order to establish common processes to manage cyber security risks."

Sr. Manager Security Governance & IT Risk, Energy & Utilities

Our Customer Success

“We could never have pulled all this off without you – the effectiveness of the way your folks work as teams and the solutions you have developed for control systems cyber tools are unparalleled."

Compliance Manager, Major Utility

Improve compliance and risk management

"I purchased Verve to create internal/operational efficiencies, improve compliance and risk management, and enhance decision-making."

Sr. Manager Security Governance & IT Risk, Energy & Utilities

CIS Controls Case Study

A large U.S. energy company strived to improve their cyber security readiness by achieving maturity across the CIS Top 20 Critical Security Controls. 

Find out how Verve helped scale the CSC Top 20 across industrial control systems and maintain a consistent security program for both IT and OT assets.

More OT Cyber Security Standards

NIST CSF

Achieve NIST CSF maturity with Verve’s end-to-end risk management platform

Learn More

NERC CIP

See how Verve detects, prevents and responds to cyber threats in compliance with the NERC CIP standard

Learn More

CMMC

See how Verve can help achieve CMMC maturity for the Defense Industrial Base

Learn More

Implement CIS Controls

Speak with one of Verve’s OT/ICS security specialists to achieve IT-OT CIS Controls maturity

Book a Call