Skip to main content
Image coming soon

SEC0817 Mastering CIS Controls for Senior Global Infrastructure Program Leaders

$199.00
Adding to cart… The item has been added

A tailored course, built for your situation

Mastering CIS Controls for Senior Global Infrastructure Program Leaders

Build auditable security postures with precision and executive clarity

$199 one-time
24-hour access provisioning 30-day money-back guarantee Hand-built implementation playbook
12 modules. 12 chapters per module. 144 chapters total.
12 modules, each with 12 chapters (144 chapters total), text-based, plus downloadable templates and a hand-built implementation playbook delivered alongside course access.
Security programs that don’t surface clearly to leadership get treated as overhead, not leverage.

Who this is for

Senior infrastructure program leader at a global tech company driving compliance-adjacent initiatives with limited direct security authority

Who this is not for

Individual contributors focused only on day-to-day ops, or security specialists without program governance scope

What you walk away with

  • Produce security evidence that flows directly into executive summaries
  • Position infrastructure programs as governance leaders, not compliance followers
  • Structure CIS implementation around program milestones, not audit cycles
  • Communicate control outcomes with clarity that cuts across teams
  • Build repeatable templates that elevate future program narratives

The 12 modules (with all 144 chapters)

Module 1. Foundations of the CIS Controls Framework
Establish a clear understanding of the 18 CIS Controls, their hierarchy, and how they map to real-world infrastructure governance. This module clarifies the distinction between foundational and organizational controls, with emphasis on global program applicability.
12 chapters in this module
  1. Overview of the CIS Controls v8 structure
  2. Mapping control priorities to infrastructure risk tiers
  3. Differentiating automated vs policy-driven controls
  4. Integrating CIS with NIST CSF and ISO 27001
  5. Understanding control maturity levels
  6. Global compliance expectations by region
  7. How CIS compares to internal control matrices
  8. Control ownership models across distributed teams
  9. Documenting baseline compliance posture
  10. Using CIS to prioritize infrastructure backlog
  11. Common misalignments in tech-first environments
  12. Setting program-level compliance KPIs
Module 2. CIS Control 1: Inventory and Control of Hardware Assets
Master the process of maintaining accurate, real-time hardware inventories across global infrastructure. Learn to build systems that auto-correct drift and provide auditable evidence for executive reporting.
12 chapters in this module
  1. Defining hardware asset scope in cloud-heavy environments
  2. Integrating CMDB with automated discovery tools
  3. Tagging strategies for global compliance tracking
  4. Handling edge and data center hardware differences
  5. Automated reconciliation workflows
  6. Building audit-ready asset reports
  7. Managing virtualized hardware visibility
  8. Integrating asset data into incident response
  9. Handling jurisdiction-specific data requirements
  10. Documenting asset lifecycle control gaps
  11. Aligning hardware inventory with procurement
  12. Producing executive dashboards from asset data
Module 3. CIS Control 2: Inventory and Control of Software Assets
Ensure full visibility into software deployments across environments. This module teaches how to structure software inventory for compliance, security, and cost accountability.
12 chapters in this module
  1. Defining software asset boundaries in microservices
  2. Integrating package managers with compliance checks
  3. Version tracking across global deployments
  4. Detecting unauthorized software in production
  5. Building software bill of materials (SBOM)
  6. Managing open-source license compliance
  7. Linking software inventory to vulnerability scans
  8. Automated software approval workflows
  9. Handling containerized software inventories
  10. Reporting software compliance to leadership
  11. Integrating software data into incident logs
  12. Documenting software lifecycle control points
Module 4. CIS Control 3: Data Protection
Implement structured data classification and protection aligned with CIS benchmarks. Learn to map data flows to controls and produce defensible narratives for executive review.
12 chapters in this module
  1. Classifying data by sensitivity and jurisdiction
  2. Mapping data stores to compliance frameworks
  3. Encryption standards for data at rest and in transit
  4. Data retention and destruction policies
  5. Integrating DLP with infrastructure monitoring
  6. Documenting data access controls
  7. Handling cross-border data movement
  8. Building data flow diagrams for audits
  9. Aligning data protection with privacy laws
  10. Reporting data control posture to leadership
  11. Integrating data protection into CI/CD
  12. Conducting data protection gap assessments
Module 5. CIS Control 4: Secure Configuration of Enterprise Assets and Software
Establish and maintain secure configurations across systems and applications. This module covers baselines, automation, and exception management.
12 chapters in this module
  1. Defining secure configuration baselines
  2. Integrating CIS Benchmarks into deployment
  3. Automating configuration drift detection
  4. Managing exceptions with audit trails
  5. Handling legacy system compliance
  6. Building secure configuration playbooks
  7. Integrating with infrastructure-as-code
  8. Reporting configuration status to leadership
  9. Handling jurisdiction-specific requirements
  10. Documenting secure build processes
  11. Aligning config management with change control
  12. Conducting regular configuration audits
Module 6. CIS Control 5: Account Management
Ensure proper provisioning, review, and deactivation of user accounts. Learn to manage identity at scale with compliance in mind.
12 chapters in this module
  1. Defining account provisioning workflows
  2. Implementing role-based access controls
  3. Automating user access reviews
  4. Handling service account lifecycle
  5. Integrating IAM with HR systems
  6. Managing privileged access
  7. Documenting access control policies
  8. Reporting account compliance to leadership
  9. Handling cross-functional access requests
  10. Integrating account controls with audit tools
  11. Building access revocation playbooks
  12. Conducting regular access reviews
Module 7. CIS Control 6: Access Control Management
Implement least privilege and segregation of duties across systems. This module teaches how to enforce access policies without slowing delivery.
12 chapters in this module
  1. Mapping access roles to job functions
  2. Implementing just-in-time access
  3. Integrating access controls with identity providers
  4. Handling emergency access scenarios
  5. Documenting access control policies
  6. Reporting access posture to leadership
  7. Managing third-party access
  8. Building access review workflows
  9. Integrating with privileged access management
  10. Conducting regular access audits
  11. Aligning with zero trust principles
  12. Handling jurisdiction-specific access rules
Module 8. CIS Control 7: Continuous Vulnerability Management
Establish a proactive process for identifying, prioritizing, and remediating vulnerabilities. Learn to align with program timelines and executive reporting.
12 chapters in this module
  1. Integrating vulnerability scanners into CI/CD
  2. Prioritizing vulnerabilities by risk context
  3. Automating patch management workflows
  4. Handling false positives at scale
  5. Reporting vulnerability status to leadership
  6. Integrating with ticketing systems
  7. Building vulnerability response playbooks
  8. Conducting regular penetration tests
  9. Documenting remediation evidence
  10. Aligning with threat intelligence
  11. Managing third-party library risks
  12. Handling jurisdiction-specific reporting
Module 9. CIS Control 8: Audit Log Management
Ensure logs are complete, secure, and usable for investigations. Learn to structure logging for compliance and executive clarity.
12 chapters in this module
  1. Defining critical log sources
  2. Ensuring log integrity and retention
  3. Centralizing logs across global infrastructure
  4. Integrating with SIEM systems
  5. Handling jurisdiction-specific logging rules
  6. Building log query playbooks
  7. Reporting logging posture to leadership
  8. Conducting regular log audits
  9. Documenting log management policies
  10. Integrating logs with incident response
  11. Automating log retention compliance
  12. Handling log volume at scale
Module 10. CIS Control 9: Email and Web Browser Protections
Secure common attack vectors through configuration and policy. This module focuses on enterprise-wide protections.
12 chapters in this module
  1. Configuring secure email gateways
  2. Implementing DMARC, DKIM, and SPF
  3. Blocking malicious domains
  4. Securing browser configurations
  5. Managing browser extensions
  6. Integrating with threat intelligence
  7. Reporting protection status to leadership
  8. Conducting phishing simulations
  9. Documenting email security policies
  10. Handling jurisdiction-specific email rules
  11. Building incident response workflows
  12. Automating email security checks
Module 11. CIS Control 10: Malware Defenses
Implement layered defenses against malware. This module covers technical controls and response strategies.
12 chapters in this module
  1. Deploying endpoint protection platforms
  2. Configuring EDR tools for global scale
  3. Managing signature and behavior-based detection
  4. Integrating with threat intelligence
  5. Handling false positive tuning
  6. Reporting malware posture to leadership
  7. Building incident response workflows
  8. Conducting regular malware simulations
  9. Documenting malware defense policies
  10. Handling jurisdiction-specific requirements
  11. Integrating with network segmentation
  12. Automating malware detection alerts
Module 12. CIS Control 11: Data Recovery
Ensure reliable backup and recovery of critical data. Learn to demonstrate readiness to leadership and auditors.
12 chapters in this module
  1. Defining backup scope and frequency
  2. Testing recovery procedures regularly
  3. Securing backup data
  4. Integrating with disaster recovery plans
  5. Reporting recovery readiness to leadership
  6. Documenting backup policies
  7. Handling jurisdiction-specific data rules
  8. Building recovery playbooks
  9. Automating backup verification
  10. Conducting regular recovery drills
  11. Integrating with change management
  12. Aligning with business continuity

How this maps to your situation

  • Global infrastructure program management
  • Executive visibility and reporting
  • Compliance alignment without direct authority
  • Efficiency-driven security posture

Before vs. after

Before
Security work is buried in technical reports, lacking visibility with leadership.
After
Security programs are structured to surface clearly, elevating program impact and personal influence.

What's included with your purchase

  • 12 modules with 12 chapters each (144 chapters)
  • Downloadable templates and worked examples for every module
  • Hand-built implementation playbook delivered alongside course access
  • 30-day money-back guarantee

Delivery and format

  • Course and learning environment access provisioned within 24 hours of purchase
  • Hand-built implementation playbook delivered alongside course access

Format: Text-based modules and chapters in the Art of Service learning environment, plus downloadable templates and worked examples for every chapter, plus the hand-built implementation playbook delivered alongside course access.

Time investment: 90 minutes per week for 4 weeks, with flexible access to all materials

If nothing changes
Continuing without structured visibility risks being overlooked in efficiency reviews and missing opportunities to lead governance evolution.

How this compares to the alternatives

Unlike generic compliance training, this course is tailored to senior infrastructure program leaders and focuses on executive visibility, real-world implementation, and cross-functional alignment.

Frequently asked

Is this course technical or strategic?
It’s both , focused on practical implementation for senior program managers who need to bridge technical execution and leadership communication.
How is the course structured?
12 modules, each containing 12 chapters (144 chapters total).
Will this help me with audits?
Yes , you’ll learn to build evidence workflows that pass internal reviews and elevate your team’s profile.
$199 one-time. 90 minutes per week for 4 weeks, with flexible access to all materials.

Within 24 hours your account in the learning environment is provisioned and the tailored implementation playbook is delivered alongside it.

30-day money-back guarantee· 144 chapters· Hand-built playbook included· Account access within 24 hours