Index of Best Practices
The following table lists the best practices and indicates, for each maturity level, whether they have actions associated with them (“In Scope” or “Out of Scope”) and whether they are a priority action (“Priority”).
For more details on maturities in this Guide, see the maturities descriptions.
To learn how to determine the maturity at which your organization operates, see the maturity determination guide.
To better understand how these priorities were determined and how to start implementing these best practices, see the maturity to best practice mapping.
You can use this table as a checklist to help track your progress.
| ✓ | Best Practice | Maturity Priorities: Level 1 | Maturity Priorities: Level 2 | Maturity Priorities: Level 3 |
|---|---|---|---|---|
| | Addressing Physical Threats | In scope | In scope | In scope |
| | Asset Management | Priority | Priority | Priority |
| | Backups | Priority | Priority | Priority |
| | Building and Managing Staff | Priority | Priority | Priority |
| | Encrypt Data at Rest | Priority | Priority | Priority |
| | Endpoint Protection | In scope | In scope | In scope |
| | Exercising Plans | In scope | In scope | In scope |
| | Firewalls and Port Restrictions | In scope | Priority | Priority |
| | Formal Cybersecurity Assessments | In scope | In scope | In scope |
| | Implementing the CIS Controls | In scope | In scope | In scope |
| | Incident Response | Priority | Priority | Priority |
| | Join the EI-ISAC | Priority | Priority | Priority |
| | Malicious Domain Blocking & Reporting | In scope | In scope | In scope |
| | Managing Infrastructure | Priority | Priority | Priority |
| | Managing Mis-, Dis-, and Malinformation | In scope | In scope | In scope |
| | Managing Remote Connections | In scope | Priority | Priority |
| | Managing Removable Media | In scope | In scope | In scope |
| | Managing Vendors | In scope | In scope | In scope |
| | Managing Wireless Networks | In scope | In scope | In scope |
| | Network Monitoring and Intrusion Detection | Out of scope | In scope | In scope |
| | Patching and Vulnerability Management | In scope | In scope | In scope |
| | Public Facing Network Scanning | In scope | In scope | In scope |
| | User Management | Priority | Priority | Priority |
| | Website Security | In scope | In scope | In scope |