. home.aspx



Lack of Hardened Benchmarks Leads to Poor Cyber Hygiene

August 10, 2018 / Kacy Zurkus

The Center for Internet Security (CIS) refers to an organization's implementation of security controls as its “cyber hygiene,” but a new survey finds that nearly two-thirds of organizations are not practicing good cyber hygiene habits as they have no established benchmarks for implementing security controls.  The new State of Cyber Hygiene Report by Tripwire surveyed 306 IT security professionals to learn if and how organizations are implementing security controls. Conducted in July 2018 in partnership with Dimensional Research, the survey found that almost two-thirds of organizations admitted that they do not use hardening benchmarks, such as CIS or Defense Information Systems Agency (DISA) guidelines, to establish a secure baseline. “These industry standards are one way to leverage the broader community, which is important with the resource constraints that most organizations experience," said Tripwire’s Tim Erlin, vice president of product manag...