Mitigation Strategies Crosswalk

Mapping the Council on Cybersecurity’s Critical Security Controls for Effective Cyber Defense and the Australian Signals Directorate’s Strategies to Mitigate Targeted Cyber Intrusions to CIS Benchmarks

The CIS Secure Configuration Benchmarks are essential technical controls for hardening operating systems, applications, and network devices. The Benchmarks assist in addressing critical vulnerabilities that often result in many of today's cyber security intrusions and incidents.


CIS maps its Benchmarks to two leading security guidelines: the Critical Security Controls for Effective Cyber Defense and the Australian Signals Directorate's (ASD) Strategies to Mitigate Targeted Cyber Intrusions. The CIS mapping provides a "crosswalk" - a comprehensive and prioritized blueprint of CIS Benchmarks for organizations to leverage to help accomplish the corresponding security guidelines' recommendations.


CIS has updated its mapping in February 2014 to reflect corresponding updates in February 2014 of the ASD Mitigation Strategies and the Critical Security Controls to version 5.0. CIS has Security Benchmarks that align with, or have specific recommendations that directly support accomplishment of 65% of the Critical Security Controls and 60% of the DSD Mitigation Strategies, with 75% CIS Benchmark alignment with the Mitigation Strategies the ASD identifies as "Essential." Further, for each Critical Control and Mitigation Strategy where there is Benchmark alignment, such correlation includes numerous CIS Benchmarks with implementable controls that help to accomplish the corresponding Critical Control or Mitigation Strategy.

2014 Crosswalk Mapping Poster

2014 Crosswalk Mapping Matrix