The Center for Internet Security, Inc. (CIS) and CREST, an international accreditation and certification body, have joined forces to address the growing cyber threats and improve global cybersecurity. The new initiative, called the CIS Controls Accreditation program, aims to enable organizations to demonstrate that their cybersecurity measures align with the best practice guidance provided by the CIS Critical Security Controls (CIS Controls) and are upheld by the rigorous standards of CREST accreditation.
With cyber threats on the rise, organizations are prioritizing the establishment, maintenance, and validation of their security posture. The CIS Controls Accreditation program offers a unique opportunity for CIS SecureSuite Members and CREST Members to provide consulting services to organizations seeking to showcase their implementation of security best practices. This consulting service ensures that their security measures are guided by the training and validation defined by two renowned authorities in cybersecurity.
Tom Brennan, Executive Director of CREST Americas Region, emphasized the importance of being able to process and analyze data from various devices and systems in this era of heightened security. He explained that the combination of CIS Controls and CREST accreditations enables joint members to meet risk and compliance requirements more efficiently. It also provides a methodology for continuously monitoring their security posture, allowing security professionals to observe, test, and enhance the security infrastructure.
The CIS Critical Security Controls are globally recognized and widely used best practices that offer organizations a prioritized roadmap for improving their cybersecurity posture. This partnership between CIS and CREST marks the first initiative to combine the CIS Controls with an accredited consulting program.
Curtis Dukes, CIS Executive Vice President and General Manager, Security Best Practices, expressed his satisfaction with the partnership between CIS and CREST, as it provides end user organizations with a selection of recognized consultants to advise on the implementation and assessment of the CIS Controls. Dukes sees this collaboration as a significant step forward in their mission to secure enterprises and protect them against existing and emerging threats.
The joint offering from CIS and CREST is now available to members of both organizations through their respective websites. By leveraging the expertise and standards provided by both organizations, businesses and governments can strengthen their cybersecurity defenses and instill confidence in their customers and partners.
CIS is a community-driven nonprofit organization that focuses on collaboration and innovation to make the connected world safer for everyone. They are responsible for the CIS Critical Security Controls and CIS Benchmarks, which have become globally recognized best practices for securing IT systems and data. CIS also leads a global community of IT professionals in continuously evolving these standards and providing proactive products and services to combat emerging threats.
On the other hand, CREST is an international not-for-profit membership body that represents the global cybersecurity industry. Their primary goal is to create a secure digital world by leveraging best practices and addressing the needs of contributors, users, and solution providers. CREST achieves this through rigorous quality assurance of its members and by certifying professionals in the cybersecurity industry.
Currently, CREST accredits over 350 member companies operating across numerous countries and certifies thousands of professionals worldwide. Their certifications are recognized by governments, regulators, academic institutions, training partners, professional bodies, and other stakeholders around the globe.
By combining the strengths and expertise of CIS and CREST, organizations can enhance their cybersecurity measures and contribute to a more secure digital environment. As cyber threats continue to evolve, initiatives like the CIS Controls Accreditation program play a crucial role in mitigating risks and ensuring better global cybersecurity.