Exploring CIS Benchmarks and IT Security

Introduction to CIS Benchmarks and IT Security

In the 26th episode of the Senteon and CIS webinar series, we delve deep into the CIS benchmarks, a crucial aspect of IT security. Host Zach from Senteon, along with Rich McGraw from CIS, welcomed David Creitz, an expert in IT security and Services Delivery Management. David’s extensive background in engineering and IT security offers valuable insights into the complex world of cybersecurity.

The Role of a Services Delivery Manager

David Creitz, with his rich experience in IT, currently holds the position of IT Services Delivery Manager. This role, as David explains, involves ensuring the delivery of various services, including support and application management, to clients. His journey from a technician to this role highlights the diverse skill set required in IT security, encompassing everything from basic support to high-level management.

Tackling the Current Threat Landscape

David shared insights into the current threat landscape in IT security. He discussed recent issues like the Microsoft patch for web browsers and applications, emphasizing the importance of staying ahead of threats. His approach includes subscribing to newsletters on vulnerabilities and maintaining a robust network within the IT community.

The Complexity of IT Security

One of the key points David touched upon is the complexity of IT systems today, especially when dealing with legacy systems. This complexity poses significant challenges for security professionals, necessitating a thorough understanding of various systems and their vulnerabilities.

The Importance of CIS Controls and Benchmarks

The conversation also highlighted the significance of CIS controls and benchmarks in maintaining IT security. These benchmarks provide prescriptive guides for configuring systems, which are essential in mitigating risks like unauthorized access and software installation. David emphasized the importance of not allowing indiscriminate software installations, as this can lead to security breaches.

David’s Experience and Background

David’s background is diverse, having worked in various capacities in IT, including at Boeing. His experience at Boeing, particularly in dealing with critical infrastructure and valuable IP, adds depth to his understanding of IT security challenges.

The Role of Senteon in IT Security

Senteon, as discussed in the webinar, plays a crucial role in IT security by managing individual controls and aiding in drift and remediation. David praised Senteon for its effectiveness in these areas.

The Ever-Evolving World of IT Security

The webinar with David Creitz provided a comprehensive look into the world of IT security, emphasizing the importance of staying updated with the latest threats and solutions. His journey and insights underscore the dynamic and complex nature of IT security, highlighting the critical role of CIS benchmarks and controls in safeguarding systems.