New to Spartacus: CIS Top 18 Assessments

Digital Marmalade is thrilled to expand our range of assessment offerings with the inclusion of the CIS Top 18 security standard.

The CIS Top 18, also referred to as the CIS Critical Security Controls, represents a prioritised framework of cybersecurity best practices. It is designed to help organisations protect their critical systems and data by providing a structured approach to cybersecurity risk management. The controls are categorised into three Implementation Groups, with the first group defined as ‘essential’ and the other 2 covering Safeguards that further enhance cybersecurity defences. They cover fundamental actions like inventory and vulnerability management, as well as more sophisticated practices such as email security and access control, thereby serving as an invaluable resource for improving an organisation's cybersecurity posture.

In addition to measuring CIS Top 18 maturity, the platform offers a streamlined process for compiling key findings and recommendations that automatically populate comprehensive reports. Furthermore, it facilitates the association of evidence, policies, and supporting documents with each security safeguard.

A single client view provides the advantage of regular score comparisons and trend analysis across various assessments. This ensures that clients are consistently informed about their evolving security position and the tangible impacts of the implemented recommendations.

Features

• CIS Top 18 Frameworks (IG1, IG2, IG3)
• Evaluate CIS Top 18 & Asset Type maturity, highlight key findings & provide recommendations.
• Upload evidence, policies, and supporting documentation.
• Generate interactive CIS Top 18 heatmap dashboards of current & target states.
• Analyse security capabilities using charts & benchmark data to identify vulnerabilities.
• Prioritise & timeline projects that map directly to control maturity improvements.
• Output comprehensive PDF reports, collating all data, charts & recommendations.
• Peer review assessments for consultant training, collaboration and quality control.
• Provide client access to interactive analysis tools & assessment reports.
• Aggregate and compare periodical assessments to visualise improved security posture.
• Download assessment data, notes, evidence, graphics, and projects