CIS Top 20 Controls 

What is CIS Top 20 security controls?

The Center for Internet Security Critical Security Controls (CIS CSC) were created in coordination with US DHS, NSA, SANS and other groups to establish a set of the 20 most critical security controls to ensure cyber security. Now on Version 8, and known as the Top 18 CIS Controls, they contain over 170 sub-controls with specific target levels for compliance. 

While originally designed for IT, Verve has worked with our clients to adapt the standard into the OT/ICS environment, enabling a single standard across IT & OT.  Verve works closely with industrial organizations to establish CSC Top 20 programs and build dynamic compliance and security management processes. With the Verve Security Center platform, visibility into measurement, alerting and discovery is enhanced by supporting services.

Verve’s software and solutions are vendor-agnostic and provide integrated reporting of all necessary components for compliance of CIS controls.

CIS Controls Mapping to Verve Industrial Protection

View the full CIS Control Datasheet


Our Customer Success

"We chose Verve because we needed to implement the CIS controls within an Industrial Control System environment required working with vendors with exeprience in this space. The need was to build a consistent method of gathering hardware and software assets within a diverse ICS environment in order to establish common processes to manage cyber security risks."

Sr. Manager Security Governance & IT Risk, Energy & Utilities

Our Customer Success

“We could never have pulled all this off without you – the effectiveness of the way your folks work as teams and the solutions you have developed for control systems cyber tools are unparalleled."

Compliance Manager, Major Utility

Improve compliance and risk management

"I purchased Verve to create internal/operational efficiencies, improve compliance and risk management, and enhance decision-making."

Sr. Manager Security Governance & IT Risk, Energy & Utilities

CIS Controls Case Study

A large U.S. energy company strived to improve their cyber security readiness by achieving maturity across the CIS Top 20 Critical Security Controls. 

Find out how Verve helped scale the CSC Top 20 across industrial control systems and maintain a consistent security program for both IT and OT assets.

More OT Cyber Security Standards

Verve Iconography Trusted


Achieve NIST CSF maturity with Verve’s end-to-end risk management platform

Learn More
Verve Iconography Trusted


See how Verve detects, prevents and responds to cyber threats in compliance with the NERC CIP standard

Learn More
Verve Iconography Trusted


See how Verve can help achieve CMMC maturity for the Defense Industrial Base

Learn More

Implement CIS Controls

Speak with one of Verve’s OT/ICS security specialists to achieve IT-OT CIS Controls maturity

Book a Call