Leanpub Header

Skip to main content

CIS Controls v8.1: The Definitive Guide to Cybersecurity's Most Actionable Framework

A Complete Walkthrough of the 18 Controls, 153 Safeguards, and Implementation Groups for Modern Organizations

This book is 100% completeLast updated on 2026-07-03

The CIS Controls are one of the most trusted cybersecurity frameworks, but turning them into a real security program isn't always straightforward. This book walks through all 18 controls and 153 safeguards with clear explanations, practical guidance, and real-world context to help you implement the framework with confidence, whether you're starting from scratch or improving an existing program.

Minimum price

$19.00

$29.00

You pay

Author earns

$

Also available for 1 book credit with a Reader Membership

PDF
EPUB
About

About

About the Book

The Center for Internet Security's Critical Security Controls v8.1 is the most widely adopted cybersecurity framework in the world, yet it remains one of the least understood. This book provides a thorough walkthrough of all 18 controls and their 153 safeguards, explaining not just what each safeguard requires but why it matters, how to implement it, and where common failures occur. Whether you are building your first security program from scratch or refining an advanced maturity model, this guide gives you the context, practical detail, and implementation roadmaps needed to turn the CIS Controls from a compliance checklist into a living defense strategy.

Share this book

Author

About the Author

Steve T. Publications

Steve T. is a cybersecurity leader, researcher, and engineer with more than 20 years of experience across application security, infrastructure security, vulnerability management, software development, and secure engineering practices. Having built his career alongside the growth of the modern internet, he has worked through multiple generations of technology, evolving security threats, and changing development methodologies.

He is currently part of the advanced research organization at a leading cybersecurity company, where he focuses on emerging threats, security innovation, and the practical application of research. His work involves investigating new attack techniques, evaluating emerging technologies, conducting deep technical analysis, and helping organizations better understand and manage complex security risks.

In addition to his research responsibilities, Steve leads a team of senior engineers and subject matter experts who create technical books, training programs, and educational resources for security professionals. Through this work, he helps engineers, developers, architects, and security practitioners strengthen their skills and build more secure systems.

Steve's technical expertise spans software development, reverse engineering, web application security, penetration testing, security architecture, incident response, vulnerability research, operating system internals, and secure software development. His ability to analyze systems at both the source code and binary levels enables him to bridge the worlds of software engineering, security research, and practical defense.

Over the course of his career, Steve has worked with organizations across a wide range of industries, helping them identify, assess, and remediate security weaknesses in critical applications and infrastructure. He is recognized for combining deep technical expertise with a pragmatic approach to security, focusing on solutions that are effective, sustainable, and aligned with business goals.

Through his work in research, engineering, leadership, and education, Steve continues to contribute to the advancement of cybersecurity and the development of secure, resilient technology systems.

Contents

Table of Contents

A Complete Walkthrough of the 18 Controls, 153 Safeguards, and Implementation Groups for Modern Organizations

  1. About This Book

Introduction: Why CIS Controls v8.1 Matters Now

Chapter 1: Foundations — The Evolution and Philosophy of the CIS Controls

  1. From SANS Top 20 to CIS Controls: A Brief History
  2. The Consensus-Driven Development Process
  3. Core Design Principles: Context, Coexistence, Consistency
  4. Task-Based vs Role-Based: Why v8 Changed the Paradigm
  5. How CIS Benchmarks Complement the Controls

Chapter 2: Framework Architecture — Understanding Structure and Terminology

  1. The Three Categories: Basic, Foundational, Organizational
  2. Safeguards vs Sub-Controls: Terminology Evolution
  3. The Six Security Functions: Identify, Protect, Detect, Respond, Recover, Govern
  4. Asset Classes: Devices, Users, Applications, Data, Networks, Documentation
  5. Implementation Groups (IG1, IG2, IG3): Definitions and Target Profiles

Chapter 3: Getting Started — Selection, Assessment, and Planning

  1. Self-Assessment: Using the CIS Controls Self-Assessment Tool (CSAT)
  2. Choosing Your Implementation Group: Risk Profile, Size, and Resources
  3. The Six-Step Navigator Workflow
  4. Building a Business Case for CIS Adoption
  5. Common Pitfalls in the Planning Phase

Chapter 4: Basic Controls — Inventory, Software, Data Protection, Configuration, Accounts, Access (Controls 1–6)

  1. Control 1: Inventory and Control of Enterprise Assets
  2. Control 2: Inventory and Control of Software Assets
  3. Control 3: Data Protection
  4. Control 4: Secure Configuration of Enterprise Assets and Software
  5. Control 5: Account Management
  6. Control 6: Access Control Management

Chapter 5: Foundational Controls — Vulnerability Management, Logging, Email/Malware, Recovery (Controls 7–11)

  1. Control 7: Continuous Vulnerability Management
  2. Control 8: Audit Log Management
  3. Control 9: Email and Web Browser Protections
  4. Control 10: Malware Defenses
  5. Control 11: Data Recovery

Chapter 6: Foundational Controls — Network, Monitoring, Awareness, Service Providers, Application Security (Controls 12–16)

  1. Control 12: Network Infrastructure Management
  2. Control 13: Network Monitoring and Defense
  3. Control 14: Security Awareness and Skills Training
  4. Control 15: Service Provider Management
  5. Control 16: Application Software Security

Chapter 7: Organizational Controls — Incident Response and Penetration Testing (Controls 17–18)

  1. Control 17: Incident Response Management
  2. Control 18: Penetration Testing

Chapter 8: The Govern Function — Governance as a Security Capability

  1. What Is the Govern Security Function?
  2. Governance Safeguards Across All 18 Controls
  3. Policies, Procedures, and Processes: The Documentation Asset Class
  4. Aligning Cybersecurity with Business Objectives
  5. Demonstrating Compliance Through Governance Evidence

Chapter 9: Mapping to Major Frameworks — NIST CSF 2.0, ISO/IEC 27001, and Others

  1. CIS Controls v8.1 to NIST CSF 2.0 Mapping
  2. Alignment with ISO/IEC 27001:2022
  3. Cross-Mapping to PCI DSS, HIPAA, CMMC, SOC 2, and GDPR
  4. The CIS Navigator Tool and Multi-Framework Compliance
  5. Using CIS as a Tactical Layer Under Strategic Frameworks

Chapter 10: Implementation Roadmaps — From IG1 to Maturity

  1. The 90-Day IG1 Sprint: What to Implement First
  2. Scaling to IG2: Adding Sophistication Without Overwhelm
  3. Reaching IG3: Advanced Defenses for High-Risk Environments
  4. Tools and Technologies for Each Control Area
  5. Measuring Progress: KPIs, Metrics, and Maturity Models
  6. Common Implementation Mistakes and How to Avoid Them

Chapter 11: Cloud, Hybrid, and Remote Environments

  1. The Cloud-First Design of CIS Controls v8
  2. Cloud Asset Inventory (AWS, Azure, GCP)
  3. Securing Cloud Data and Identity
  4. Remote Work and Zero Trust Architecture Alignment
  5. Container and Kubernetes Security (CIS Benchmarks)
  6. Supply Chain and Service Provider Risks in Cloud Environments

Chapter 12: Continuous Improvement — Monitoring, Auditing, and Evolving Your Program

  1. Continuous Monitoring and Alerting (SIEM, SOAR, XDR)
  2. Regular Assessments and Re-Assessment Cadence
  3. Lessons Learned: Post-Incident Reviews as Improvement Engines
  4. Adapting Controls to New Threats and Technologies (AI/ML)
  5. Building a Culture of Security Maturity

Conclusion: The Path Forward

References

Get the free sample chapters

Click the buttons to get the free sample in PDF or EPUB, or read the sample online here

The Leanpub 60 Day 100% Happiness Guarantee

Within 60 days of purchase you can get a 100% refund on any Leanpub purchase, in two clicks.

See full terms...

Earn $8 on a $10 Purchase, and $16 on a $20 Purchase

We pay 80% royalties on purchases of $7.99 or more, and 80% royalties minus a 50 cent flat fee on purchases between $0.99 and $7.98. You earn $8 on a $10 sale, and $16 on a $20 sale. So, if we sell 5000 non-refunded copies of your book for $20, you'll earn $80,000.

(Yes, some authors have already earned much more than that on Leanpub.)

In fact, authors have earned over $15 million writing, publishing and selling on Leanpub.

Learn more about writing on Leanpub

Free Updates. DRM Free.

If you buy a Leanpub book, you get free updates for as long as the author updates the book! Many authors use Leanpub to publish their books in-progress, while they are writing them. All readers get free updates, regardless of when they bought the book or how much they paid (including free).

Most Leanpub books are available in PDF (for computers) and EPUB (for phones, tablets and Kindle). The formats that a book includes are shown at the top right corner of this page.

Finally, Leanpub books don't have any DRM copy-protection nonsense, so you can easily read them on any supported device.

Learn more about Leanpub's ebook formats and where to read them

Write and Publish on Leanpub

You can use Leanpub to easily write, publish and sell in-progress and completed ebooks and online courses!

Leanpub is a powerful platform for serious authors, combining a simple, elegant writing and publishing workflow with a store focused on selling in-progress ebooks.

Leanpub is a magical typewriter for authors: just write in plain text, and to publish your ebook, just click a button. (Or, if you are producing your ebook your own way, you can even upload your own PDF and/or EPUB files and then publish with one click!) It really is that easy.

Learn more about writing on Leanpub