RealCISO, a powerful software platform that enables organizations to evaluate and strengthen their security posture and reduce cyber risk, today announced a partnership with the Center for Internet Security (CIS) and the Institute for Security and Technology (IST) through the Blueprint for Ransomware Defense Working Group to provide customers with an easy and clear ability to create an action plan for ransomware mitigation, response, and recovery for small- and medium-sized enterprises.
“We are thrilled about our partnership with IST and CIS in bringing the Blueprint into the hands of organizations to prepare for ransomware as a threat,” said Akash Desai, co-founder and CRO of RealCISO. “With 99.9% of businesses in the US being in the small to medium size, many remain inadequately prepared against the risk of a cyber attack. This partnership allows those businesses to better understand their cybersecurity posture and implement solutions that close gaps.”
Within the original Ransomware Task Force, Action 3.1.1 called for the cybersecurity community to “develop a clear, actionable framework for ransomware mitigation, response, and recovery.” As a result, the Blueprint for Ransomware Defense Working Group developed a Blueprint comprised of a curated subset of essential cyber hygiene Safeguards from the CIS Critical Security Controls® (CIS Controls®) v8. The forty (40) recommended Safeguards included in the Blueprint have been carefully selected not only for their ease-of-implementation but their effectiveness in defending against ransomware attacks.
“Essential cyber hygiene is the foundation for any good cybersecurity program and removes a critical barrier for small and medium enterprises with limited cyber expertise in defending against ransomware,” said Curtis Dukes, CIS Executive Vice President and General Manager, Security Best Practices. “The Safeguards included in the Blueprint have been backed by analysis from the CIS Community Defense model and are effective in defense against attack techniques associated with ransomware.”
“We are excited to see the Blueprint continue to reach new organizations and help them to implement key actionable and foundational Safeguards,” said Megan Stifel, Co-Chair of the Ransomware Task Force and Chief Strategy Officer at the Institute for Security and Technology. “The creation of the Blueprint for Ransomware Defense would not have been possible without the contributions of our Blueprint Working Group, who created the Blueprint to help Small and Medium Enterprises in particular with limited cybersecurity expertise in defending against ransomware.”
RealCISO’s partnership with IST and CIS is the latest announcement in a series of exciting company news, including the addition of new platform features and newly expanded and flexible licensing options that make it simple for organizations to understand cyber risk, align cybersecurity spend, and achieve compliance.
To learn more and to explore the RealCISO platform, visit RealCISO.io.
RealCISO® empowers organizations to evaluate, identify and remediate cybersecurity vulnerabilities. Based on SOC 2, NIST Cybersecurity Framework (CSF), NIST 800-171, CMMC, HIPAA Security Rule, & the Critical Security Controls Top 18, and using a series of plain English questions on current people, process, and technologies, RealCISO® provides insight then recommends products and services that harden an organization’s cybersecurity posture, and reduce risk. Learn more at RealCISO.io.
The Center for Internet Security, Inc. (CIS®) makes the connected world a safer place for people, businesses, and governments through our core competencies of collaboration and innovation. We are a community-driven nonprofit, responsible for the CIS Critical Security Controls® and CIS Benchmarks™, globally recognized best practices for securing IT systems and data. We lead a global community of IT professionals to continuously evolve these standards and provide products and services to proactively safeguard against emerging threats. Our CIS Hardened Images® provide secure, on-demand, scalable computing environments in the cloud. CIS is home to the Multi-State Information Sharing and Analysis Center® (MS-ISAC®), the trusted resource for cyber threat prevention, protection, response, and recovery for U.S. State, Local, Tribal, and Territorial government entities, and the Elections Infrastructure Information Sharing and Analysis Center® (EI-ISAC®), which supports the rapidly changing cybersecurity needs of U.S. election offices. To learn more, visit cisecurity.org or follow us on Twitter: @CISecurity.
The Institute for Security and Technology (IST) designs and advances solutions to the world’s toughest emerging security threats. We are a nonpartisan, 501(c)(3) nonprofit organization based in the San Francisco Bay Area dedicated to advancing solutions to critical cyber and national security challenges. For more information, visit: securityandtechnology.org or follow us on Twitter: @IST_org.