ETSI Incorporates CIS Controls

ETSI Incorporates CIS Controls

The European Telecommunications Standards Institute (ETSI) has approved and published the Center for Internet Security’s (CIS) Critical Security Controls and companion materials as a suite of technical reports.

The CIS Controls are a recommended set of actions that provide specific ways to stop today’s most pervasive and dangerous cybersecurity attacks. They were modified and re-formatted to meet the official ETSI guidelines when they were released in a four-part technical report. The ETSI report includes all of the present CIS Controls documents including the Measurement Guide, and Privacy, Mobile and Internet of Things companion documents, but in a slightly different format.

ETSI, which produces globally-applicable standards for fixed, mobile, radio, converged, broadcast and Internet technologies, encompasses more than 800 member organizations worldwide, from 66 countries and five continents.

"The inclusion of the CIS Controls as an official ETSI specification represents a major step forward, which will increase awareness and recognition of the CIS Controls," said Tony Sager, CIS senior vice president and chief evangelist. 

This is the latest success for the CIS Controls. Earlier this summer the Cybersecurity Guide for State Local Law Enforcement added the CIS Multi-State Information Sharing and Analysis Center (MS-ISAC) and the CIS Controls as key resources. The guide, put out by the US National Consortium for Advanced Policing is, as its name suggests, meant to help state and local law enforcement minimize the threat of cyber-attacks.

As of May, when CIS issued an update, more than 12,560 individuals and organizations had downloaded the CIS Controls since their release to the public last October 15.

Photo © Alexander Supertramp

Source: Information Security Magazine