CIS-Based Security Maturity Program

Right-sized, integrated, holistic cybersecurity program grounded in CIS Controls Version 8.

BlueVoyant Advantages

  • Maturity-based, holistic cybersecurity program based on CIS Controls v8 to provide you with a right-sized, integrated approach to improving your security posture

  • Our maturity model approach combines BlueVoyant’s tailored risk-based assessment with CIS IG Levels to eliminate the confusion associated with a “one-size-fits-all” framework

  • Our integrated solution leverages BlueVoyant’s MDR, SCD, and Professional Services to simplify your cybersecurity ecosystem while improving your security posture

  • Professional Services consultants have extensive frontline experience in responding to advanced cyber threats on behalf of numerous government agencies

  • BlueVoyant Managed Detection & Response for Microsoft will identify and eradicate sophisticated threats across the entire environment with our BlueVoyant experienced, award-winning, and certified Microsoft security experts

  • BlueVoyant Supply Chain Defense provides end-to-end vendor risk management by identifying, validating, prioritizing, and confirming mitigation of cyber threats and Zero-day vulnerabilities in your supply chain

Through our CIS-Based Security Maturity Engagement, gain a better understanding of the value of a maturity-based, holistic cyber program versus individual service investments, all while helping determine the right-sized cybersecurity program for your organization.

Four-Phased Engagement

The engagement includes:

  • A brief overview of where we’ve been and where we’re headed in cybersecurity
  • Illustrations of how various factors influence risk
  • A review of our expert approach to identifying key cyber strengths and vulnerabilities
  • An exercise to clarify your strengths and vulnerabilities resulting in a findings and recommendations report
four phased cybersecurity workshop

Essentials Cybersecurity Program

  • Helps ensure a basic level of cybersecurity protection against non-targeted attacks and accidental data leakage
  • Ideal for smaller, less-distributed companies and governmental entities that manage average sensitivity data
essentials cybersecurity program

Advanced Cybersecurity Program

  • Provides additional protection for companies with increased operational complexity

  • Better choice for companies and governmental entities with multiple departments that have different risk profiles, and larger, more distributed enterprises

advanced cybersecurity program

Expert Cybersecurity Program

  • A holistic program to facilitate regulatory compliance
  • Designed for organizations that secure sensitive information, have supply chains that will suffer significant impact by successful attacks, and organizations that are likely to be subject to targeted attacks
expert cybersecurity program






CIS Controls assessment and roadmap on how to achieve desired CIS Control group


Compliance with 56 safeguards within CIS Implementation Group 1 (CIS IG1)




Compliance with 130 safeguards within CIS Implementation Group 2 (CIS IG2)



Compliance with 148 safeguards within CIS Implementation Group 3 (CIS IG3)


VISIBL Vulnerability Identification Services




Core: MDR for Microsoft




Forensics & Incident Response Retainer



Terrain: 3PR


Virtual CISO Consulting Hours




Prioritize and maximize investments for your organization

This maturity program, informed by the CIS Critical Security Controls and BlueVoyant’s proprietary gap assessment methodology, offers three progressive program levels that can be tailored to, and implemented for, your organization’s unique infrastructure. Our integrated solution and team of experts can help you remediate any gaps in your security posture.

  • CIS Controls assessment and roadmap on how to achieve desired CIS Control group
  • Compliance with 153 safeguards within CIS Implementation Groups
  • BlueVoyant Elements to meet and maintain CIS-based maturity program
  • Reduce the confusion over where to start and how to achieve success
  • Helping ensure orchestration between the different elements of your cybersecurity program

Additional Resources

  • Incident Response Team Threat Exercises
  • Incident Response Plan
  • VISIBL Vulnerability Identification Services

Professional Services provides numerous proactive solutions to help improve your cybersecurity posture