There are numerous CIS benchmarks which provide system administrators and other IT technicians with configuration baselines and best practices across the various levels of different CIS criteria to allow them to secure the configuration of any systems and devices they use within an organisation. Here we will provide you with a detailed overview of what CIS benchmarks and controls should mean to you, along with useful references for further reading where needed, as part of this guide.

Businesses come in many different sizes, yet, they all share one similarity; the growing need for cybersecurity in today’s ever-changing technology landscape. While large companies with robust security infrastructure and experience may ward off many aspiring cybercriminals, small to medium-sized businesses (SMBs) prove to be ideal targets.

A list of 18 procedures (reduced from 20), or “controls,” recommended by the Center for Internet Security (CIS), must be followed to build an IT infrastructure resistant to cyberattacks. The CIS 4th Control advises to establish and maintain a secure configuration process for enterprise assets (end-user devices, including portable and mobile; non-computing/IoT devices; and servers) and software (operating systems and applications) (4.1).

Small business owners often have to wear many hats to keep their businesses up and running. As these businesses move forward and grow in size, not only do the responsibilities build up, but so does the risk of cybercrime. For small businesses, a password manager is essential as it guarantees secure password sharing, simplifies onboarding and offboarding employees and more.

With over 90 thousand different state and local governments across the U.S., creating a unified approach to cybersecurity and defending all of these counties, cities, territories, states, and commonwealths is not only in each of their interests, but the national interest as well.

Cyberattacks consistently hit the headlines throughout the year, and they aren’t expected to slow down any time soon. While the intensity and impact change from one attack to the other, there are always a few that rank the highest in terms of size. We looked at the five biggest cyberattacks of 2022 and how they influenced users around the globe.

The customer experience at the world’s biggest banks and fintech firms is undergoing a significant change. Because of technological advancements, account users may now not only transfer money online but also log in using Identity Verification using face match technology and do a variety of operations using simply their smartphone and its front camera. Technology in this area has made things faster, easier, and safer during the last decade.

The popularity of serverless architectures continues to grow as organizations seek ease of scalability and to eliminate the need to provision and manage infrastructure. In fact, in our most recent State of Serverless report, we found that more than half of our customers have adopted serverless technologies offered by Azure, Google Cloud, and AWS.

At this year’s AWS re:Invent conference, Snyk’s VP of Product Marketing, Ravi Maira, spoke with Omar Peerzada, Cyber Security Architect at Neiman Marcus, about how his team transitioned from older security practices to a developer-first security strategy. Watch the full talk now, or keep reading for the highlights.

That’s an excerpt from the fact sheet accompanying the May 2021 Executive Order on Improving the Nation’s Cybersecurity (EO). It refers to one of seven ambitious measures in the EO: shoring up security of that notorious playground for hackers, the software supply chain. Knowing that organizations lack visibility into the components that comprise their connected assets, bad actors can have a field day exploiting vulnerabilities to penetrate networks and take control.