Tenable today announced a strategic partnership with the Center for Internet Security (CIS) that will bolster cyber hygiene for both public and private sector organizations, making foundational cybersecurity more affordable, accessible and actionable.
The two primary challenges organizations face in achieving basic cyber hygiene are lean budgets and limited staff with security expertise. This partnership is an important step in making foundational cybersecurity more attainable for both small and medium-sized organizations. To this end, CIS has developed a new prioritization scheme called the CIS Controls Assessment Specification for CIS Controls, its internationally recognized cybersecurity best practices. The CIS Controls are organized into Implementation Groups (IGs) which provide a prioritized path for organizations to improve their cybersecurity posture. IG1 represents basic cyber hygiene and the essential protections that should be put into place by all organizations.
Through its new Tenable.sc dashboard and report, Tenable is the first and only vendor to automate both the implementation and auditing of an organization’s adherence to IG1, maximizing limited budgets and resource-constrained teams. This helps organizations transform the Controls into actionable cybersecurity recommendations and integrate basic cyber hygiene across their operations.
“The vast majority of cyberattacks aren’t the result of super-sophisticated techniques. Instead, bad actors are going after low hanging fruit — lax cybersecurity measures,” said Renaud Deraison, chief technology officer and co-founder, Tenable. “Our partnership with CIS is helping organizations mature their cybersecurity programs and improve cyber hygiene with their existing resources, budget and staff.”
To make the framework even more accessible and affordable for the more than 12,000 combined Multi-State Information Sharing and Analysis Center (MS-ISAC) and Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC) members, Tenable’s solutions are now the only comprehensive, risk-based vulnerability management offerings available in the CIS CyberMarket.