CIS-Based Security Maturity Program

Right-sized, integrated, holistic cybersecurity program grounded in CIS Controls Version 8.

BlueVoyant Advantages

  • Maturity-based, holistic cybersecurity program based on CIS Controls v8 to provide you with a right-sized, integrated approach to improving your security posture

  • Our maturity model approach combines BlueVoyant’s tailored risk-based assessment with CIS IG Levels to eliminate the confusion associated with a “one-size-fits-all” framework

  • Our integrated solution leverages BlueVoyant’s Core: MDR™, Terrain: 3PR™, and Liquid: PS™ services to simplify your cybersecurity ecosystem while improving your security posture

  • BlueVoyant’s Liquid: PS consultants have extensive frontline experience in responding to advanced cyber threats on behalf of numerous government agencies

  • BlueVoyant’s Core: MDR for Microsoft will identify and eradicate sophisticated threats across the entire environment with our BlueVoyant experienced, award-winning, and certified Microsoft security experts

  • BlueVoyant's Terrain: 3PR provides end-to-end vendor risk management by identifying, validating, prioritizing, and confirming mitigation of cyber threats and Zero-day vulnerabilities in your supply chain

Through our CIS-Based Security Maturity Workshop, gain a better understanding of the value of a maturity-based, holistic cyber program versus individual service investments, all while helping determine the right-sized cybersecurity program for your organization.

Four-Phased Workshop

The workshop includes:

  • A brief overview of where we’ve been and where we’re headed in cybersecurity
  • Illustrations of how various factors influence risk
  • A review of our expert approach to identifying key cyber strengths and vulnerabilities
  • An exercise to clarify your strengths and vulnerabilities resulting in a findings and recommendations report
Blue Voyant Brand Imagery Quartzite 5

Essentials Cybersecurity Program

  • Helps ensure a basic level of cybersecurity protection against non-targeted attacks and accidental data leakage
  • Ideal for smaller, less-distributed companies and governmental entities that manage average sensitivity data
Asset Rock v614 v074a

Advanced Cybersecurity Program

  • Provides additional protection for companies with increased operational complexity

  • Better choice for companies and governmental entities with multiple departments that have different risk profiles, and larger, more distributed enterprises

Asset Rock v616 v074a

Expert Cybersecurity Program

  • A holistic program to facilitate regulatory compliance
  • Designed for organizations that secure sensitive information, have supply chains that will suffer significant impact by successful attacks, and organizations that are likely to be subject to targeted attacks
Concept st rock Main v013






CIS Controls assessment and roadmap on how to achieve desired CIS Control group


Compliance with 56 safeguards within CIS Implementation Group 1 (CIS IG1)




Compliance with 130 safeguards within CIS Implementation Group 2 (CIS IG2)



Compliance with 148 safeguards within CIS Implementation Group 3 (CIS IG3)


VISIBL Vulnerability Identification Services




Core: MDR for Microsoft




Forensics & Incident Response Retainer



Terrain: 3PR


Virtual CISO Consulting Hours




Prioritize and maximize investments for your organization

This maturity program, informed by the CIS Critical Security Controls and BlueVoyant’s proprietary gap assessment methodology, offers three progressive program levels that can be tailored to, and implemented for, your organization’s unique infrastructure. Our integrated solution and team of experts can help you remediate any gaps in your security posture.

  • CIS Controls assessment and roadmap on how to achieve desired CIS Control group
  • Compliance with 153 safeguards within CIS Implementation Groups
  • BlueVoyant Elements to meet and maintain CIS-based maturity program
  • Reduce the confusion over where to start and how to achieve success
  • Helping ensure orchestration between the different elements of your cybersecurity program

Additional Resources

  • Incident Response Team Threat Exercises
  • Incident Response Plan
  • VISIBL Vulnerability Identification Services

Professional Services provides numerous proactive solutions to help improve your cybersecurity posture