Cybersecurity Program

Site2 has partnered with the Center for Internet Security (CIS) to deliver their Cybersecurity Best Practices.

The CIS Best Practices outline a comprehensive set of cybersecurity tools and controls developed by IT and security experts to address the most common cyber threats and vulnerabilities.

CIS Controls (CIS 20)

Site2 uses the CIS Controls to guide your organization through a series of 20 foundational and advanced cybersecurity actions, resulting in the elimination of the most common cyber attacks.

new-top-20-graphic-opt1.jpg

Site2 leverages the CIS 20 as the foundation for helping clients comply with industry and federal regulations including FINRA, HIPAA and NIST standards.

Post implementation, Site2 provides ongoing monitoring and management of the CIS Controls to help ensure continued compliance and success.

CIS Benchmarks

CIS’s global community of cybersecurity experts have developed over 100 configuration guidelines designed to safeguard computer systems.  Benchmarks cover all of the major system platforms including:

  • Microsoft Windows Operating Systems, SQL Server, Exchange, IIS, SharePoint
  • Debian, Ubuntu, CentOS, Amazon, RedHat Suse Linux
  • Apache Tomcat and HTTP server
  • VMware
  • Apple OS
  • Oracle Database and Solaris
  • many more…

Site2 helps organizations implement and maintain compliance with the CIS Benchmarks.

MS-ISAC Advisories

Advisories issued by the Multi-state Information Sharing and Advisory Center (MS-ISAC) provide Site2 with access to the latest threats and vulnerabilities.  This helps us to operate in a constant stream of new information: software updates, patches, security advisories, threat bulletins, etc. Understanding and managing vulnerabilities has become a continuous activity, requiring significant time, attention, and resources.

Site2 has incorporated these and other industry best practices to deliver an end-to-end Cybersecurity Program for our clients.  Contact us to learn how we can assess and reduce your organization’s cybersecurity risk.