Email and Web Browser Protections
CIS Control 7
Minimize the attack surface and the opportunities for attackers to manipulate human behavior through their interaction with web browsers and email systems.
Why is this Critical?
Web browsers and email clients are common entry points for attackers because of their technical complexity, flexibility, and their direct interaction with users and other systems and websites. Spoofed emails pose a significant threat to organizations because they can create a false sense of trust. By allowing only fully supported, updated, and approved email clients and web browsers, organizations can prevent employees from victims of malicious code, data loss, and other types of attacks.