CIS Controls v8

CIS 9 Email and Web Browser Protections

Starts in IG1 | Reduce phishing and web-borne malware exposure.

Implementation Actions

Harden email security controls.
Apply browser policy restrictions.
Block high-risk content delivery paths.

Evidence Examples

Email protection policy
Browser policy artifacts
Threat blocking reports

Suggested Metrics

Phishing click trend
Blocked malicious delivery events

Navigation

Back to All 18 CIS Controls NIST CSF 2.0 Guidance FedRAMP Guidance Cybersecurity Glossary