CIS Control 10: Data Recovery Capabilities

Home  »  Blog  »  Cyber Security  »  CIS Control...

By Bill Minahan   |   March 29, 2021   |   0 Comments

CIS Control 13

CIS Control 10: Data Recovery Capabilities

What is CIS Control 10?

The CIS controls are a set of actions that protect your organization from the most pervasive cyber attacks. There are 20 total critical controls that prioritize the most essential actions your organization can take in order to gain the highest pay-off results.

CIS Control 10 focuses on the processes and tools used to properly back up critical information with a proven methodology for a timely recovery.

Why is this CIS Control Critical?

The CIS Controls are based on actionable guidance from today’s biggest threats, formed by the consensus of the world’s leading experts across a variety of sectors.

CIS Control 10 is critical because when attackers compromise machines, they often make significant changes to configurations and software.

Furthermore, they can make subtle alterations to data stored on compromised machines, which can, in turn, jeopardize organizational effectiveness with inaccurate or incomplete data.

When and if attackers are discovered, it can be difficult for organizations to find and remove all aspects of the attacker’s presence and changes made on the machine.

As a result, it is critical to have effective data recovery solutions that you trust.

How to Implement CIS Control 10

Sub-Control

Asset Type

Security Function

Control Title

Control Descriptions

10.1

Data Protect Ensure Regular Automated Backups  

Ensure that all system data is automatically backed up on a regular basis.

10.2

Data Protect Perform Complete System Backups  

Ensure that all of the organization’s key systems are backed up as a complete system, through processes such as imaging, to enable the quick recovery of an entire system.

10.3

Data Protect Test Data on Backup Media  

Test data integrity on backup media on a regular basis by performing a data restoration process to ensure that the backup is properly working.

10.4

Data Protect Protect Backups  

Ensure that backups are properly protected via physical security or encryption when they are stored, as well as when they are moved across the network. This includes remote backups and cloud services.

10.5

Data Protect Ensure All Backups Have at Least One Offline Backup Destination  

Ensure that all backups have at least one offline (i.e., not accessible via a network connection) backup destination.

 

 

Implementing CIS Controls

If your team is struggling to implement CIS Control 10 and could use the assistance of a third-party security provider, aNetworks is here to help. Our team of experts can assist with whatever level of service you require from consulting to complete implementation.

If you are interested in learning more about CIS Controls, view our comprehensive list here.

If you are interested, then please contact us below.

Contact Us

Furthermore, if you are looking for more information, check out our resource center here.

Finally, you can always find us on TwitterLinkedIn, and Facebook.


Category: Cyber Security