turbot/aws_compliance

Dashboard: CISA Cyber Essentials

To obtain the latest version of the official guide, please visit https://www.cisa.gov/cyber-essentials.

Overview

Cybersecurity & Infrastructure Security Agency's (CISA) Cyber Essentials is a guide for leaders of small businesses as well as leaders of small and local government agencies to develop an actionable understanding of where to start implementing organizational cybersecurity practices.

Managing cyber risks requires building a Culture of Cyber Readiness. The Culture of Cyber Readiness has six Essential Elements:

  • Yourself
  • Your Staff
  • Your Systems
  • Your Surroundings
  • Your Data
  • Your Crisis Response
  • Booting Up: Things to Do First

Even before your organization has begun to adopt a Culture of Cyber Readiness, there are things you can begin doing today to make your organization more prepared against cyber risks.

Backup Data

Employ a backup solution that automatically and continuously backs up critical data and system configurations.

Multi-Factor Authentication

Require multi-factor authentication (MFA) for accessing your systems whenever possible. MFA should be required of all users, but start with privileged, administrative, and remote access users.

Patch & Update Management

Enable automatic updates whenever possible. Replace unsupported operating systems, applications and hardware. Test and deploy patches quickly.

Usage

Install the mod:

mkdir dashboards
cd dashboards
powerpipe mod init
powerpipe mod install github.com/turbot/steampipe-mod-aws-compliance

Start the Powerpipe server:

steampipe service start
powerpipe server

Open http://localhost:9033 in your browser and select CISA Cyber Essentials dashboard.

You could also snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe benchmark run aws_compliance.benchmark.cisa_cyber_essentials --share

Benchmark

This dashboard is automatically generated from the following benchmark:

benchmark.cisa_cyber_essentials

Tags