Logicalis US Urges CIOs/CISOs to Consider CIS Controls for Enterprise Security

Solution Provider Joins CIS to Aid Clients in Applying Non-Proprietary CIS Controls  

NEW YORK, June 7, 2017 – Recent high-profile attacks have shined a spotlight on inaction and indecision surrounding enterprise security. According to Logicalis US, an international IT solutions and managed services provider (www.us.logicalis.com), much of the lack of decision is due to a lack of a good starting point for enterprise security – the options and steps to take can appear overwhelming.

Enterprise security experts at Logicalis US recommend one starting point that provides a straightforward and rigorous method to accomplish enterprise security. The CIS Controls are a recommended set of actions for cyber defense that provide specific and actionable ways to thwart the most pervasive attacks. The CIS Controls are a relatively short list of high-priority, highly effective defensive actions that provide a "must-do, do-first" starting point for every enterprise seeking to improve their cyber defense. The CIS Controls are publicly-available, non-proprietary set of best practices from the Center for Internet Security(CIS). These global industry best practices have been endorsed by leading IT security vendors and governing bodies.

Logicalis US has signed a membership agreement with CIS enabling the solution provider to use CIS Benchmarks, CIS Controls and CIS tools in its security consulting practice to better analyze, assess, recommend and support the requirements of enterprise security clients. 

“Logicalis US has become an Organizational Consulting Member of CIS because we recognize that its approach to security aligns very tightly with our own and supports our values,” says Ron Temske, Vice President of Security Solutions at Logicalis US. “The CIS Controls provide a reference for the term ‘best practices’ when it comes to security. It’s backed by usage and vetted by IT professionals.”

Many organizations face regulatory and contractual obligations to demonstrate to auditors and their board of directors that they have taken commercially-appropriate steps to provide enterprise security.

A consensus-driven set of best practices like the CIS Controls provide the best and most rigorous method to accomplish these requirements and avoid “analysis paralysis.”

The CIS Controls are prioritized in a specific order to help security professionals organize and prioritize their first steps in cybersecurity. According to CIS, the CIS Controls have been proven to mitigate 85 percent of the most common vulnerabilities.

Top Five CIS Controls

Just the first five CIS Controls alone have been found to eliminate most enterprise weaknesses. These CIS Controls are:

  1. Inventory of Authorized and Unauthorized Devices
  2. Inventory of Authorized and Unauthorized Software
  3. Secure Configurations for Hardware and Software
  4. Continuous Vulnerability Assessment and Remediation
  5. Controlled Use of Administrative Privileges

According to Temske, Logicalis US sees organizations leveraging common security frameworks (CSF) in one or more of the following ways:

  1. To improve overall security. Leveraging the CSF blueprint to ensure they address the most important aspects.
  2. As a competitive differentiator. Establishing a competitive advantage due to the greater focus on security and protection of their own and customer assets.
  3. To meet compliance and/or regulatory requirements. Often necessary in specific vertical industries like healthcare or financial.
  4. To free up budget and purchasing ability around security. Once a business decision has been made to pursue a CSF, the subsequent budget required to meet the CSF requirements is frequently easier to receive.

“IT security leaders can leverage the CIS Controls to quickly establish protections providing the highest payoff in their organizations,” says Temske. “They guide you through a series of foundational and advanced cybersecurity actions where the most common attacks can be eliminated.”

Want to Learn More?

About CIS
CIS is a forward-thinking, nonprofit entity that harnesses the power of a global IT community to safeguard private and public organizations against cyber threats. Our CIS Controls and CIS Benchmarks are the global standard and recognized best practices for securing IT systems and data against the most pervasive attacks. These proven guidelines are continually refined and verified by a volunteer, global community of experienced IT professionals. CIS is home to the Multi-State Information Sharing and Analysis Center (MS-ISAC®), the go-to resource for cyber threat prevention, protection, response, and recovery for state, local, tribal and territorial government entities.

About Logicalis
Logicalis is an international multi-skilled solution provider providing digital enablement services to help customers harness digital technology and innovative services to deliver powerful business outcomes.

Our customers cross industries and geographical regions; our focus is to engage in the dynamics of our customers’ vertical markets including financial services, TMT (telecommunications, media and technology), education, healthcare, retail, government, manufacturing and professional services, and to apply the skills of our 4,000 employees in modernizing key digital pillars, data center and cloud services, security and network infrastructure, workspace communications and collaboration, data and information strategies, and IT operation modernization.

We are the advocates for our customers for some of the world’s leading technology companies including Cisco, HPE, IBM, NetApp, Microsoft, VMware and ServiceNow.

The Logicalis Group has annualized revenues of over $1.5 billion from operations in Europe, North America, Latin America, Asia Pacific and Africa. It is a division of Datatec Limited, listed on the Johannesburg Stock Exchange and the AIM market of the LSE, with revenues of over $6.5 billion.

For more information, visit www.us.logicalis.com.

Business and technology working as one

To learn more about Logicalis activities through a variety of social media outlets, click here.