CIS Framework-Based Cybersecurity Services
Our offerings are structured around the CIS v8 Critical Security Controls, scaled for organizations of all maturity levels from small businesses to enterprises.
IG1 - Foundation
Small Organizations
Essential cybersecurity for organizations with limited IT resources
Starting at $2,500/month
68 total safeguards included
Key Features:
- Basic asset inventory
- Essential access controls
- Core data protection
- Fundamental vulnerability management
- Basic monitoring & logging
CIS Controls Coverage:
Control 12/5
Control 21/7
Control 36/14
Control 44/12
Control 53/6
Control 65/8
Control 74/7
Control 85/12
Control 93/7
Control 103/7
Control 113/5
Control 124/8
Control 136/11
Control 144/9
Control 154/7
Control 167/14
Control 174/9
Control 180/5
Most Popular
IG2 - Standard
Mid-Size Organizations
Comprehensive security for moderate complexity environments
Starting at $5,500/month
115 total safeguards included
Key Features:
- Advanced asset management
- Enhanced access controls
- Comprehensive data protection
- Continuous vulnerability scanning
- Advanced threat detection
- Security awareness training
CIS Controls Coverage:
Control 14/5
Control 24/7
Control 312/14
Control 48/12
Control 55/6
Control 66/8
Control 77/7
Control 88/12
Control 95/7
Control 105/7
Control 114/5
Control 126/8
Control 138/11
Control 147/9
Control 156/7
Control 1611/14
Control 176/9
Control 183/5
IG3 - Advanced
Enterprise Organizations
Maximum security for high-value data and regulated environments
Starting at $12,000/month
153 total safeguards included
Key Features:
- Complete asset visibility
- Zero-trust architecture
- Advanced data loss prevention
- Real-time threat hunting
- Penetration testing
- Incident response team
- Compliance reporting
CIS Controls Coverage:
Control 15/5
Control 27/7
Control 314/14
Control 412/12
Control 56/6
Control 68/8
Control 77/7
Control 812/12
Control 97/7
Control 107/7
Control 115/5
Control 128/8
Control 1311/11
Control 149/9
Control 157/7
Control 1614/14
Control 179/9
Control 185/5
Complete CIS v8 Controls Breakdown
See exactly which safeguards are included in each implementation group tier.
| CIS Control | IG1 | IG2 | IG3 |
|---|---|---|---|
Control 1: Inventory & Control of Hardware Assets | 2/5 | 4/5 | 5/5 |
Control 2: Inventory & Control of Software Assets | 1/7 | 4/7 | 7/7 |
Control 3: Data Protection | 6/14 | 12/14 | 14/14 |
Control 4: Secure Configuration | 4/12 | 8/12 | 12/12 |
Control 5: Account Management | 3/6 | 5/6 | 6/6 |
Control 6: Access Control Management | 5/8 | 6/8 | 8/8 |
Control 7: Continuous Vulnerability Management | 4/7 | 7/7 | 7/7 |
Control 8: Audit Log Management | 5/12 | 8/12 | 12/12 |
Control 9: Email & Web Browser Protections | 3/7 | 5/7 | 7/7 |
Control 10: Malware Defenses | 3/7 | 5/7 | 7/7 |
Control 11: Data Recovery | 3/5 | 4/5 | 5/5 |
Control 12: Network Infrastructure Management | 4/8 | 6/8 | 8/8 |
Control 13: Network Monitoring & Defense | 6/11 | 8/11 | 11/11 |
Control 14: Security Awareness & Training | 4/9 | 7/9 | 9/9 |
Control 15: Service Provider Management | 4/7 | 6/7 | 7/7 |
Control 16: Application Software Security | 7/14 | 11/14 | 14/14 |
Control 17: Incident Response Management | 4/9 | 6/9 | 9/9 |
Control 18: Penetration Testing | 0/5 | 3/5 | 5/5 |
Ready to Strengthen Your Security Posture?
Let us help you determine the right CIS implementation group for your organization and create a customized security roadmap.