Aligning frameworks like the CIS Critical Security Controls with the NIST Cybersecurity Framework (CSF) is a good idea for organizations to assess and strengthen their security posture. The intersection of these frameworks helps to further prioritize efforts and understand how specific CIS controls support broader cybersecurity goals.
- Govern: 13 controls, 25 safeguards, 3 asset types
- Identify: 8 controls, 14 safeguards, 4 asset types
- Protect: 16 controls, 78 safeguards, 5 asset types
- Detect: 9 controls, 25 safeguards, 4 asset types
- Respond: 4 controls, 6 safeguards, 3 asset types
- Recover: 2 controls, 6 safeguards, 3 asset types
Use Cases:
- Prioritize CIS control safeguards by the NIST CSF functions.
- Correlate NIST CSF functions to CIS implementation groups.
- Correlate NIST CSF functions to CIS control asset types.