CIS Control 12
Detect/prevent/correct the flow of information transferring networks of different trust levels with a focus on security-damaging data.
Why is this Critical?
This CIS Control addresses the danger of systems that can be exploited via the internet, such as DMZ systems, workstations, and mobile devices. To prevent attackers from gaining access into the internal environment, organizations should implement multi-layered boundary defense mechanisms such as firewalls, proxies, DMZ perimeter networks as well as network-based IPS and IDS solutions. It is also critical to filter both inbound and outbound traffic. Implementing a comprehensive toolset on your perimeter network can give insight into what is happening and assist in detecting potentially malicious activity.