CIS Control 17: Implement a Security Awareness and Training Program

For all functional roles in the organization (prioritizing those mission-critical to the business and its security), identify the specific knowledge, skills and abilities needed to support defense of the enterprise; develop and execute an integrated plan to assess, identify gaps, and remediate through policy, organizational planning, training, and awareness programs.

• Control 17.3: Implement a Security Awareness Program
• Control 17.5: Train Workforce on Secure Authentication
• Control 17.6: Train Workforce on Identifying Social Engineering Attacks
• Control 17.7: Train Workforce on Sensitive Data Handling
• Control 17.8: Train Workforce on Causes of Unintentional Data Exposure
• Control 17.9: Train Workforce Members on Identifying and Reporting Incidents