SEC566: Implementing and Auditing CIS Controls

GIAC Critical Controls Certification (GCCC)

About the program

The CIS Controls (formerly known as Critical Security Controls) are a globally recognized set of prioritized cyber defense best practices designed to protect against the most pervasive and dangerous cyber threats. Developed by the Center for Internet Security (CIS), these controls offer actionable steps to reduce risk, secure systems, and defend against today’s evolving attack landscape.

By following the CIS Controls, organizations can reduce cyber risk, mitigate common attacks, and improve their ability to measure and report on residual risk. SANS and CIS also equip users with tools and guidance to navigate the complex landscape of cybersecurity solutions and prioritize actions that deliver the most impactful results.

This program empowers security professionals to build stronger defenses, align with global standards, and ensure their systems remain resilient in the face of ever-evolving threats.

Program Objectives

  • Apply security controls based on actual threats that are measurable, scalable, and reliable in stopping known attacks and protecting your organization’s important information and systems.
  • Understand the importance of each control and how it is compromised if ignored.
  • Explain the defensive goals that result in quick wins and increased visibility of network and systems.
  • Identify and use tools that implement controls through automation.
  • Create a scoring tool to measure the effectiveness of each control.
  • Employ specific metrics to establish a baseline and measure the effectiveness of security controls.
  • Competently map CIS Controls to compliance and standards such as PCI- DSS, the NIST Cybersecurity Framework (CSF), ISO 27000, and more.
  • Audit each of the CIS Controls with specific, proven templates, checklists, and scripts provided to facilitate the audit process.

For more details about the program, please click on the link below to download the brochure

Program Brochure

Program Date & time:

2 – 6 February 2025. (8:00am – 4:00pm daily during training days)