The CIS Controls are the most practical cybersecurity framework for organizations of any size. Lavawall® monitors your CIS posture continuously - from the 18 essential IG1 safeguards to the full IG3 advanced control set.
The Center for Internet Security (CIS) Controls are 18 prioritized safeguards developed from real-world attack data and adopted by governments and enterprises globally as the starting point for any cybersecurity program.
18 safeguards every organization must have. Asset inventory, software control, data protection, basic access management, MFA, and incident response. Required by most cyber insurers.
An additional 74 safeguards for organizations with dedicated IT resources. Covers advanced access management, security awareness, log management, network monitoring, and penetration testing.
All 153 safeguards for organizations handling highly sensitive data or facing sophisticated threats. Full application security, data classification, and advanced incident response.
Lavawall® was built with CIS Controls in mind. The platform maps endpoint telemetry, cloud configuration, patch status, and access control data directly to CIS safeguards - providing a real-time IG compliance score.
CIS IG1 is the de facto baseline that most cyber insurers use as their minimum acceptable control set. Demonstrating documented CIS IG1 compliance - with evidence from Lavawall® - is one of the most effective ways to improve your insurance questionnaire responses and reduce premiums.
A Lavawall® deployment generates an initial CIS compliance score within 48 hours. A formal CISSP/CISA gap assessment against IG1 takes 1-2 weeks. Remediation to a strong IG1 posture typically takes 30-90 days depending on starting conditions.
CIS Controls have excellent overlap with HIPAA Security Rule technical safeguards, SOC 2 Security Trust Services Criteria, and NIST CSF. Lavawall® performs multi-framework mapping - satisfying a CIS control often simultaneously satisfies corresponding requirements in other frameworks.
Yes - this is one of the most popular Lavawall® MSP partner use cases. Partners use Lavawall®'s multi-tenant CIS dashboard to deliver compliance reporting to clients, and can escalate to ThreeShield's CISSP/CISA team for formal assessments when clients need an independent report.
Lavawall® shows your real CIS compliance score in 48 hours. ThreeShield's CISSP/CISA team turns findings into a prioritized remediation plan. Choose DIY, supported, or done-for-you.
Book a Scoping CallDIY · Supported · Done-for-You · All engagement models available
Whether you have a strong internal team or need everything handled end-to-end, ThreeShield meets you where you are.
For lean IT teams and cost-conscious organizations with internal security capacity
For MSPs, IT teams with some security resources, and organizations that need expert guidance but retain internal capacity
For organizations that want full compliance delivery without managing the process internally