Friday, May 27, 2022
  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Glossary
  • Community Forum
  • Web Hosting Directory
  • Login
  • Register
Cloud7 News
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • How-Tos
    • Network/Internet
    • Windows
    • Software
    • Hardware
    • Blockchain
    • Policy/Legislation
    • Video
No Result
View All Result
Cloud7 News
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • How-Tos
    • Network/Internet
    • Windows
    • Software
    • Hardware
    • Blockchain
    • Policy/Legislation
    • Video
No Result
View All Result
Cloud7 News
No Result
View All Result

Home > Cybersecurity > The Center for Internet Security to announce its Community Defense Model

The Center for Internet Security to announce its Community Defense Model

The Center for Internet Security (CIS) released its Community Defense Model (CDM). CDM can mitigate approximately 83 percent of all attack techniques found in the MITRE ATT&CK Framework.

Seda Nur Cinar by Seda Nur Cinar
August 31, 2020
in Cybersecurity
2 min read
0 0
0
The Center for Internet Security to announce its Community Defense Model
2
SHARES
22
VIEWS
Share on FacebookShare on TwitterShare on EmailFollow on Google News

The Center for Internet Security (CIS) unveiled its Community Defense Model (CDM). This defense model shows that the CIS Controls – a prioritized and prescriptive set of safeguards that mitigate the most common cyberattacks against systems and networks – mitigate approximately 83 percent of all attack techniques found in the MITRE ATT&CK Framework.

Providing a defensible basis

The CDM maps the Controls to the MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) Framework, and describes how data sources are used to support the mapping to specific Controls and their associated Sub-Controls (Safeguards). In addition to this, the CDM formalizes the documentation of the specific attack patterns mitigated by the Controls including web-application hacking, insider and privilege misuse, malware, ransomware, and targeted intrusions.

CIS President and CEO, John Gilligan
CIS President and CEO, John Gilligan

CIS President and CEO, John Gilligan, said,

“Consistent with our mission, CIS is committed to providing both public and private sector organizations with the tools they can use to help mitigate cyber-attacks. The rigorous and data-driven analysis mapping of the CIS Controls to the MITRE ATT&CK Framework in our Community Defense Model is the most recent step we’re taking to help all organizations start secure and stay secure with basic cyber hygiene. The data and analysis behind this model provide a defensible basis for applying specific best practices to mitigate cyber-attacks.”

While ransomware attacks are the most common types of attacks over the last several years, there are several other attack techniques that can be just as challenging for any organization. the CIS Controls model is separated into three Implementation Groups (IGs), against a variety of other attack techniques:

  • Malware: Implementing IG1 of the CIS Controls can mitigate 79 percent of malware attack pattern techniques. Implementing IG1 is the definition of Basic Cyber Hygiene.
  • Web-Application Hacking: 100 percent of instances of web-application hacking techniques can be defended against by implementing all of the CIS Controls.
  • Insider Privilege & Misuse: 100 percent of the techniques can be defended against by properly implementing the CIS Sub-Controls in IG1.
  • Targeted Intrusion: 80 percent of targeted intrusion techniques can be defended against by implementing all of the CIS Controls.

CIS developed this model by using publicly available data from sources including the Multi-State Information Sharing & Analysis Center (MS-ISAC), the 2019 Verizon DBIR, and CrowdStrike. These sources is to identify the most relevant attack patterns and their frequency.

See more Cyber Security News


Share2TweetSendShare
Get free daily newsletters from Cloud7 News Get the Cloud7 Newsletter

Check your inbox or spam folder to confirm your subscription.

By subscribing, you agree to our
Copyright Policy and Privacy Policy
Previous Post

China and Hong Kong Data Center market size will reach $27 billion by 2025

Next Post

Top 7 Data Center News: August 2020

Seda Nur Cinar

Seda Nur Cinar

Seda Nur Cinar is the news editor of the Cloud7 News. With more than 8 years of Linux and cloud experience, Seda is a Linux and opensource enthusiast, security researcher and a web application developer.

Related News

VMware ESXi servers are being targeted by a new ransomware

VMware ESXi servers are being targeted by a new ransomware

May 26, 2022 2:07 pm
StackPatch unveils new WAF packages

StackPath unveils new WAF packages

May 24, 2022 4:56 pm

Word files embedded in PDF files are carrying keyloggers

May 24, 2022 2:24 pm
QNAP NAS devices are vulnerable once more

QNAP NAS devices are vulnerable once more

May 24, 2022 2:14 pm
Next Post

Top 7 Data Center News: August 2020

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

Editor's Choice

Interview with Igor Seletskiy on AlmaLinux

7 best hosting control panels

How to update Linux Kernel without rebooting?

7 best Linux mail servers for 2022

7 best cPanel alternatives for 2022

7 best Linux web browsers for 2022

cPanel Security: 7 steps to secure cPanel

7 best CentOS alternatives

7 best Linux server distros for 2022

How to scan your server for Log4j (Log4Shell) vulnerability

Best web hosting service providers

AlmaLinux 8.6 Stable is ready to download

Ubuntu 22.04 LTS is available for download. What is new?

Advertisement

Recent News

  • GitHub Copilot becoming free for students
  • Google disables global cache servers in Russia
  • Broadcom is acquiring VMware for $61 billion
  • Clonezilla live 3.0.0-26 released
  • HP and System76 introduce high-end laptop

Our Latest Interview

Interview: Erez Barak, Vice President Observability of Sumo Logic
Interview

Interview: Erez Barak, Vice President Observability of Sumo Logic

by Atalay Kelestemur
November 25, 2021 3:23 am


Cloud7 News is a news source that publishes the latest news, industry news and exclusive interviews on web hosting, cloud computing, data center, cybersecurity and linux.

News Categories

  • Web Hosting
  • Cloud Computing
  • Data Center
  • Cybersecurity
  • Linux
  • Network/Internet
  • Software
  • Hardware
  • Blockchain

Our Free Modules

  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Glossary
  • Community Forum
  • Web Hosting Directory

Get the Cloud7 Newsletter

Get FREE daily newsletters from Cloud7 delivering the latest news and reviews.

  • About Us
  • Privacy & Policy
  • Copyright Policy
  • Contact

© 2022, Cloud7 News. Latest Cloud Computing, Web Hosting, Data Center Industry and Tech News

No Result
View All Result
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • How-Tos
    • Network/Internet
    • Windows
    • Software
    • Hardware
    • Blockchain
    • Policy/Legislation
    • Video
  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Glossary
  • Community Forum
  • Web Hosting Directory

© 2022, Cloud7 News. Latest Cloud Computing, Web Hosting, Data Center Industry and Tech News

Welcome Back!

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Fill the forms below to register

*By registering into our website, you agree to the Terms & Conditions and Privacy Policy.
All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.