CIS Control 8
Control the installation, spread, and execution of malicious code at multiple points in the enterprise, while optimizing the use of automation to enable rapid updating of defense, data gathering, and corrective action.
Why is this Critical?
Malware is one of the most dangerous aspects of cybersecurity. It was designed to purposely attack systems, services, and data. This CIS control is about defending infrastructure, IoT, mobile devices, and workstations against malware that can enter through a variety of entry points such as email attachments, web pages, end user devices, cloud services, etc. Malware defenses must be able to operate through large-scale automation, rapid updating, and integration with processes like incident response. They must also be deployed at multiple possible points of attack to detect, stop the movement, or control the execution of malicious software.