Saturday, March 25, 2023
  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Podcasts
  • Web Hosting Directory
  • Login
  • Register
Cloud7 News
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • Software
    • Network/Internet
    • Hardware
    • Artificial Intelligence
    • Windows
    • Policy/Legislation
    • Blockchain
    • Troubleshooting
    • How-Tos
    • Articles
No Result
View All Result
Cloud7 News
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • Software
    • Network/Internet
    • Hardware
    • Artificial Intelligence
    • Windows
    • Policy/Legislation
    • Blockchain
    • Troubleshooting
    • How-Tos
    • Articles
No Result
View All Result
Cloud7 News
No Result
View All Result

Home > Cybersecurity > The Center for Internet Security to announce its Community Defense Model

The Center for Internet Security to announce its Community Defense Model

The Center for Internet Security (CIS) released its Community Defense Model (CDM). CDM can mitigate approximately 83 percent of all attack techniques found in the MITRE ATT&CK Framework.


Seda Nur Cinar Seda Nur Cinar
August 31, 2020
2 min read
The Center for Internet Security to announce its Community Defense Model

The Center for Internet Security (CIS) unveiled its Community Defense Model (CDM). This defense model shows that the CIS Controls – a prioritized and prescriptive set of safeguards that mitigate the most common cyberattacks against systems and networks – mitigate approximately 83 percent of all attack techniques found in the MITRE ATT&CK Framework.

Providing a defensible basis

The CDM maps the Controls to the MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) Framework, and describes how data sources are used to support the mapping to specific Controls and their associated Sub-Controls (Safeguards). In addition to this, the CDM formalizes the documentation of the specific attack patterns mitigated by the Controls including web-application hacking, insider and privilege misuse, malware, ransomware, and targeted intrusions.

CIS President and CEO, John Gilligan
CIS President and CEO, John Gilligan

CIS President and CEO, John Gilligan, said,

“Consistent with our mission, CIS is committed to providing both public and private sector organizations with the tools they can use to help mitigate cyber-attacks. The rigorous and data-driven analysis mapping of the CIS Controls to the MITRE ATT&CK Framework in our Community Defense Model is the most recent step we’re taking to help all organizations start secure and stay secure with basic cyber hygiene. The data and analysis behind this model provide a defensible basis for applying specific best practices to mitigate cyber-attacks.”

While ransomware attacks are the most common types of attacks over the last several years, there are several other attack techniques that can be just as challenging for any organization. the CIS Controls model is separated into three Implementation Groups (IGs), against a variety of other attack techniques:

  • Malware: Implementing IG1 of the CIS Controls can mitigate 79 percent of malware attack pattern techniques. Implementing IG1 is the definition of Basic Cyber Hygiene.
  • Web-Application Hacking: 100 percent of instances of web-application hacking techniques can be defended against by implementing all of the CIS Controls.
  • Insider Privilege & Misuse: 100 percent of the techniques can be defended against by properly implementing the CIS Sub-Controls in IG1.
  • Targeted Intrusion: 80 percent of targeted intrusion techniques can be defended against by implementing all of the CIS Controls.

CIS developed this model by using publicly available data from sources including the Multi-State Information Sharing & Analysis Center (MS-ISAC), the 2019 Verizon DBIR, and CrowdStrike. These sources is to identify the most relevant attack patterns and their frequency.

See more Cybersecurity News

A comprehensive guide to understanding Cybersecurity: What is Cybersecurity?


Seda Nur Cinar

Seda Nur Cinar

Seda Nur Cinar is the news editor of the Cloud7 News. With more than 8 years of Linux and cloud experience, Seda is a Linux and opensource enthusiast, security researcher and a web application developer.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

Next Post

Top 7 Data Center News: August 2020

Related News

7 best practices and tools to use for Linux security

7 best practices and tools to use for Linux security

March 24, 2023 5:00 pm
CISA aims to identify vulnerabilities that attract ransomware

CISA aims to identify vulnerabilities that attract ransomware

March 22, 2023 2:10 pm
7 best cybersecurity schools

7 best cybersecurity schools

March 21, 2023 9:00 pm
Akamai researchers warn about the new HinataBot botnet

Akamai researchers warn about the new HinataBot botnet

March 20, 2023 6:10 pm
Get free daily newsletters from Cloud7 News Get the Cloud7 Newsletter
Select list(s):

Check your inbox or spam folder to confirm your subscription.

By subscribing, you agree to our
Copyright Policy and Privacy Policy

Get the free newsletter

Subscribe to receive the latest IT business updates straight to your inbox.

Select list(s):

Check your inbox or spam folder to confirm your subscription.

Recent News

  • Podman Desktop – Containers & Kubernetes (Podcast #15 w/ Markus Eisele)
  • What is a Daemon in Linux?
  • 7 best practices and tools to use for Linux security
  • Photopea review: The best free Photoshop alternative for Linux
  • CloudFest 2023 is completed

Cloud7 News
Cloud7 is a news source that publishes the latest news, reviews, comparisons, opinions, and exclusive interviews to help tech users of high-experience levels in the IT industry.

EXPLORE

  • Web Hosting
  • Cloud Computing
  • Data Center
  • Cybersecurity
  • Linux
  • Network/Internet
  • Software
  • Hardware
  • Artificial Intelligence
  • How-Tos
  • Troubleshooting

RESOURCES

  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Podcasts
  • Web Hosting Directory

Get the Cloud7 Newsletter

Get FREE daily newsletters from Cloud7 delivering the latest news and reviews.

  • About Us
  • Privacy & Policy
  • Copyright Policy
  • Contact

© 2023, Cloud7 News. All rights reserved.

No Result
View All Result
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • Software
    • Network/Internet
    • Hardware
    • Artificial Intelligence
    • Windows
    • Policy/Legislation
    • Blockchain
    • Troubleshooting
    • How-Tos
    • Articles
  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Podcasts
  • Web Hosting Directory

© 2023, Cloud7 News. All rights reserved.

Welcome Back!

Sign In with Facebook
Sign In with Google
Sign In with Linked In
OR

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Sign Up with Facebook
Sign Up with Google
Sign Up with Linked In
OR

Fill the forms below to register

*By registering into our website, you agree to the Terms & Conditions and Privacy Policy.
All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.