CIS Controls v8 IG1Benchmarking
56 essential safeguards, continuously evaluated, across your entire MSP portfolio. The industry standard for cyber hygiene—automatically verified.
What is CIS IG1?
CIS Controls v8 is the gold standard for cybersecurity best practices, used by 30,000+ organizations globally. Implementation Group 1 (IG1) defines 56 safeguards for "essential cyber hygiene"—the minimum security every organization should have.
For MSPs, IG1 is the perfect baseline:
- Aligns with what insurance carriers require
- Achievable for SMB clients with limited budgets
- Measurable, defensible, and industry-recognized
Control Categories
Continuous Evaluation, Not Point-in-Time Audits
Traditional compliance is a snapshot. You pass an audit, then drift for 364 days until the next one. BrainstormMSP evaluates CIS safeguards continuously.
| Aspect | Point-in-Time Audit | Continuous Evaluation |
|---|---|---|
| Frequency | Annual | Daily/Real-time |
| Evidence freshness | 364 days stale | Always current |
| Drift detection | None | Instant alerts |
| Prep time | 40+ hours | <1 hour |
| Confidence | Low (snapshot) | High (continuous) |
Evidence From Your Existing Stack
We don't ask you to install new agents or fill out forms. Evidence flows from tools you already use.
Acronis Cyber Protect Cloud
- Backup job statusCIS 11.2
- Encryption settingsCIS 3.6
- Restore verificationCIS 11.5
- Agent deploymentCIS 1.1
- Antivirus statusCIS 10.1
Microsoft GDAP
- Admin accountsCIS 5.4
- MFA statusCIS 6.4
- Role assignmentsCIS 5.1
- Privilege driftCIS 5.3
Microsoft Entra
- User MFACIS 6.5
- Conditional accessCIS 6.3
- Guest accountsCIS 5.3
Professional Reports for Every Client
Every client gets a professional, PDF-ready CIS benchmark report. Perfect for QBRs, insurance renewals, and board presentations.
- Executive summary with overall score
- Safeguard-by-safeguard breakdown
- Evidence citations for each control
- Gap analysis with remediation priorities
- Trend over time (if historical data)
CIS Alignment = Better Insurance Outcomes
Insurance carriers want to see structured security controls. CIS IG1 is exactly what they're looking for—and our evidence packs prove it.
Questionnaire Auto-Fill
CIS evidence maps directly to Coalition, Cowbell, and At-Bay questionnaire fields. 200+ answers pre-populated.
Evidence Packs
Download carrier-ready evidence packs with CIS safeguard citations, confidence scores, and supporting documentation.
Evidence-Based Renewals
CIS-aligned evidence packages give carriers the structured data they need for risk assessment.
Frequently Asked Questions
Get Your First CIS Benchmark in 15 Minutes
No credit card required. 14-day trial. Cancel anytime.
Connect your Acronis account and see your CIS IG1 score today. No manual data entry required.