Skip to content
ZxR Cyber Sentinel 4.1 is available — Discover our AI models
CIS Controls v8FrameworkInternationalVoluntary

CIS Controls v8

Authority : CIS
18 contrôles
Overview

What is CIS Controls v8 ?

CIS Critical Security Controls v8 are a set of 18 prioritized security controls developed by the Center for Internet Security. They represent the most effective defensive actions to protect organizations against the most common attacks. Controls are organized in 3 implémentation groups (IG1, IG2, IG3) based on the organization's maturity and resources. IG1 represents the essential cyber hygiene baseline that every organization should implement.

Key Points

  • 18 controls covering inventory, configuration, access, logging, email/web protection, anti-malware defenses, and more
  • 3 implémentation groups: IG1 (essential hygiene, 56 safeguards), IG2 (intermediate, 74 more), IG3 (advanced, 23 more)
  • Data-driven approach: control prioritization based on effectiveness against real-world attacks
  • 153 total safeguards, each with measurable metrics and test procedures
  • Official mapping to NIST CSF, ISO 27001, PCI DSS, HIPAA, and other frameworks

Why Zaxyr

Zaxyr enables rapid assessment of your CIS Controls compliance based on your implémentation group (IG1, IG2, or IG3). The platform automates evidence collection for all 153 safeguards, identifies gaps, and proposes a prioritized action plan. Native mapping to ISO 27001, NIST CSF, and NIS2 lets you leverage CIS Controls progress across other frameworks.

Start Your Compliance Journey

Get a personalized compliance assessment. Our team will guide you through.