NNT was selected to join CIS’s CyberMarket as a means to address several of the CIS Controls and participating in a purchasing program that serves U.S. State, Local, Tribal, and Territorial (SLTT) government organizations, not-for-profit entities, and public health and education institutions to improve cybersecurity through cost-effective group procurement.
By leveraging the strategic partnership between CIS and NNT, public and not-for-profit organizations can recognize the benefits of:
- A CIS approved technology that maps directly to various Basic, Foundational and Organization CIS Controls
- Receiving product and service discounts through a collective purchasing program established by CIS
- Utilizing numerous resources to help safeguard against cyber threats
NNT & CIS on the CIS CyberMarket - CIS Website
91% of all security breaches can be auto-detected when release, change and configuration management controls like NNT are properly implemented - IT Process Institute
The first six CIS Controls (Basic) are the most critical to implement and manage. Interestingly, they have more to do with operational controls than they do security controls. NNT’s products uniquely align with the requirements of these "Basic" controls by providing a suite of products that address each of the controls requirements.
NNT's strategic partnership with CIS highlights the industry's need to combine an IT management methodology and best practices from both security and IT service management...resulting in a holistic, comprehensive and prescriptive approach to solving security. This strategy is what NNT calls SecureOps™.
This strategy is underpinned by NNT’s knowledge of the essential common controls that overlap to support and achieve business objectives from two different vantage points. This approach creates the security foundation and a solution to eliminate security breaches and incidents as we know them today.
Good IT operations management has always been the foundation for a strong cyberdefense; if you can't do the first, you will fail at the second.
Tony Sager, SVP and Chief Evangelist
- NNT’s Top Five Cybersecurity Predictions and Recommendations for 2020
- Regus Sales Staff Data Leaked via Third Party
- Emotet Targeting US Military and Government
- Breach Update: Equifax Settles Class-Action Lawsuit for $380.5 Million
- All CIS Controls blog posts
- CIS Control 1: Inventory and Control of Hardware Assets
- CIS Control 2: Inventory and Control of Software Assets
- CIS Control 3: Continuous Vulnerability Management
- CIS Control 4: Controlled Use of Administrative Privileges
- CIS Control 5: Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations and Servers
- All CIS Controls articles
"The majority of security incidents occur when basic controls are lacking or are poorly implemented. The first six CIS Controls have been assessed as preventing up to 90% of pervasive and dangerous cyber-attacks.”
Read John Gilligan (CEO of Center for Internet Security) testimony to the United States Senate, Permanent Subcommittee on Investigations, Homeland Security & Government Affairs Committee on Private Sector Data Breaches, Thursday, March 7, 2019.
Read John Gilligan’s testimony »
Watch John Gilligan’s testimony »
Access CIS Resources
Access a broad range of CIS Benchmark reports to audit your enterprise and continuously monitor for any drift from your hardened state.
Download Reports »
Server Hardening Resources
Download Hardened Services checklists, derived by NNT in conjunction with Microsoft, to manually audit your servers for compliance.
Download Checklists »
Audit Policy Template Resources
Gain access to audit policies derived from the Center for Internet Security to generate audit logs on all relevant security levels.
Download Audit Policies »
Change Tracker Gen 7R2: Complete configuration and system integrity assurance combined with the most comprehensive and intelligent change control solution available.
Vulnerability Tracker: The world’s only limitless and unrestricted vulnerability scanning solution with unparalleled accuracy and efficiency, protecting your IT assets on premises, in the cloud and mobile endpoints.