Study any time, from any device.

CSIS Top 20 Critical Security Controls Training Boot Camp

This course teaches you how to master the 20 Important Security Controls as published by the Center for Strategic and International Studies. Securing the United States against cyber attacks has become one of the nation’s highest priorities.

Learn the CSIS critical security controls

Boot camp overview

Securing the United States against cyber-attacks has become one of the nation’s highest priorities. To achieve this objective, networks, systems, and the operations teams that support them must vigorously defend against external attacks. Furthermore, for those external attacks that are successful, defenses must be capable of thwarting, detecting, and responding to follow-on attacks on internal networks as attackers spread inside a compromised network.

This group of 20 crucial controls is designed to begin the process of establishing that prioritized baseline of information security measures and controls that can be applied across enterprise environments. Fifteen of these controls can be monitored, at least in part, automatically and continuously. This course has also identified a set of five controls that are essential but that do not appear to be able to be monitored continuously or automatically with current technology and practices.

Skill up and get certified, guaranteed

100% Satisfaction Guarantee

If you’re not 100% satisfied with your training at the end of the first day, you may withdraw and enroll in a different Flex Pro or Flex Classroom course.

Knowledge Transfer Guarantee

If an employee leaves within three months of obtaining certification, Infosec will train a different employee at the same organization tuition-free for up to one year.

CSIS Top 20 objectives

The guiding principles used in devising these control areas and their associated subcontrols include:

  • Defenses should focus on addressing the most common and damaging attack activities occurring today.
  • Enterprise environments must ensure consistent controls across an enterprise to effectively negate attacks.
  • Defenses should be automated where possible, and periodically or continuously measured using automated measurement techniques where feasible.
  • To address current attacks occurring on a frequent basis against numerous organizations, a variety of specific technical activities should be undertaken to produce a more consistent defense.

About the CSIS Top 20

The control areas and individual subcontrols described focus on various technical aspects of information security, with a primary goal of supporting organizations in prioritizing their efforts in defending against today’s most common and damaging computer and network attacks. Outside of the technical realm, a comprehensive security program should also take into account numerous additional areas of security, including overall policy, organizational structure, personnel issues (e.g., background checks, etc.), and physical security.

To help maintain focus, the controls in this document do not deal with these important, but non-technical, aspects of information security. Organizations should build a comprehensive approach in these other aspects of security as well, but overall policy, organization, personnel, and physical security are outside of the scope of this document.

Award-winning training that you can trust

Rising Star

Partner Award

G2 Crowd Leader

Technical Skills Development Software

Gold Winner

Best Cybersecurity Education Provider

Publisher's Choice

Security Training for Infosec Professionals

Top 20 Company

IT Training

Why choose Infosec

Your flexible learning experience

Infosec Flex makes expert, live instruction convenient with online and in-person formats tailored to how, when and where you learn best.

Public training boot camps held nationwide

  • Pre-study course materials
  • Live instruction
  • Digital courseware
  • Daily reinforcement materials
  • Catered lunches
  • Infosec community forum access
  • 100% Satisfaction Guarantee
  • Knowledge Transfer Guarantee

Most Popular

Immersive, live-streamed instruction

  • Pre-study course materials
  • Live instruction
  • Digital courseware
  • Daily reinforcement materials
  • Detailed performance reporting
  • Video replays
  • 90-day extended access to materials
  • Infosec community forum access
  • Exam Pass Guarantee
  • 100% Satisfaction Guarantee
  • Knowledge Transfer Guarantee

 

 

 

Tailored team training at your location

  • Pre-study course materials
  • Live, customized instruction at your location
  • Digital courseware
  • Daily reinforcement materials
  • Detailed team performance reporting
  • Video replays
  • 90-day extended access to materials
  • Infosec community forum access
  • Exam Pass Guarantee
  • 100% Satisfaction Guarantee
  • Knowledge Transfer Guarantee

Can’t get away for a week?

Learn cybersecurity on-demand.

Get the cybersecurity training you need at a pace that fits your schedule with a subscription to Infosec Skills. Includes unlimited access to hundreds of additional on-demand courses — plus cloud-hosted cyber ranges where you can practice and apply knowledge in real-world scenarios — all for just $34 a month!

  • 400+ courses
  • 4 cyber range environments
  • 100+ hands-on labs
  • Certification practice exams
  • 50+ learning paths

You're in good company.

"I’ve taken five boot camps with Infosec and all my instructors have been great."

Jeffrey Coa

Information Security Systems Officer

"The course not only met my expectations, but exceeded them. It was the most engaging online training I’ve ever had."

Val Vask

Commercial Technical Lead

"I knew Infosec could tell me what to expect on the exam and what topics to focus on most."

Julian Tang

Chief Information Officer

Our clients

FedEx
Microsoft
Bank of America
Defense Information Systems Agency
Symantec

Find your boot camp