CIS Community Defense Model 2.0

This guide is the second edition of the CIS Community Defense Model (CDM).

Victor Monga

3/17/2023

The Center for Internet Security (CIS) Community Defense Model (CDM) v2.0 is a valuable resource for designing, prioritizing, implementing, and improving an enterprise's cybersecurity program. Together with the updated CIS Controls (v8), this guide provides excellent guidance on prioritizing tasks to ensure the highest level of protection against the most prevalent types of attacks. Here are some key findings from the guide:

  • The top five attack types identified by CDM v2.0 are malware, ransomware, web application hacking, insider and privilege misuse, and targeted intrusions.

  • Implementation Group 1 (IG1), which is the least costly and least difficult to implement, is essential cyber hygiene and provides a viable defense against the top five attack types. Enterprises should aim to start with IG1 and work up to IG2 and IG3 as appropriate.

  • The CIS Controls are effective at defending against a wide array of attacks and are highly effective against the five attack types found in industry threat data.

  • Establishing and maintaining a secure configuration process (CIS Safeguard 4.1) is a linchpin safeguard for all five attack types. It is most effective in defending against the top five attack types, which emphasizes the importance of secure configurations, such as those contained within the CIS Benchmarks.

Overall, the CIS Community Defense Model v2.0 guide is a practical starting point for enterprises to prioritize their cybersecurity efforts effectively. By focusing on essential cyber hygiene and establishing a secure configuration process, enterprises can achieve a high level of protection against the top five attack types and defend against a wide array of attacks.