Infolock Releases Data Risk Best Practices with CIS

ARLINGTON, Va.--()--Today, Infolock, an industry-leading data advisory services provider and CIS® SecureSuite® Member, announced the release of a new, freely-available Data Risk Best Practices addendum to the CIS Controls™ Version 7, available online.

The CIS Controls provide 20 essential controls needed for information security management. The CIS Controls are widely considered the most concise and practical best practices guide of its kind. The current version, Version 7, was released on March 19, 2018, and has already been downloaded more than 28,000 times. Combined download totals for all versions of the CIS Controls exceed 130,000.

The Data Risk Best Practices complements and extends the existing CIS Controls, specifically CIS Control 13 (Data Protection). It establishes three sequential areas of data management focus, with both organizational and technical sub-controls:

  • Governance
  • Visibility
  • Protection

The sequential steps outlined in detail in the Data Risk Best Practices enable organizations, and their executives (COOs, CFOs, CIOs, CISOs, DPOs, etc.) to understand, assess, analyze, plan, implement, manage, and maintain controls for data privacy, data security, data compliance, and data operations in the short- and long-term.

The release coincides with Infolock’s launch of a new strategic data advisory consulting practice. This practice will focus on the global data-centric protection market, estimated to be worth over $5B a year by 2022, according to MarketsandMarkets™. Infolock is the leading provider of data governance, data management, and data protection services to regulated and non-regulated organizations in the U.S. and Latin America.

The Data Risk Best Practices launch follows Infolock’s corporate re-branding and website re-launch in April 2018.

Ryan Dobbins, Director of Advisory Services at Infolock, said: “Data privacy and data protection is on everyone’s minds; regulations including GDPR, HIPAA, SOX, and PCI are driving procurement of data security tools in a way we’ve never seen. The bad news is these tools are often improperly implemented, underutilized, or worse yet -- simply sitting on a shelf. Our practice enables organizations to progress from just owning tools to providing continuous data governance, visibility, and protection capabilities.”

Joe Wynn, CEO at Seiso and former CISO at Education Management Corporation, added: “The Data Risk Best Practices for CIS Controls v7 provides organizations with clear guidance to improve their data governance and information protection initiatives. Information Security managers can leverage this guidance when speaking with business executives, to help them understand where they are with data risks, where they need to be, and how to get there most effectively.”

About CIS

CIS® (Center for Internet Security, Inc.) is a forward-thinking, non-profit entity that harnesses the power of a global IT community to safeguard private and public organizations against cyber threats. The CIS Controls™ and CIS Benchmarks™ are the global standard and recognized best practices for securing IT systems and data against the most pervasive attacks. These proven guidelines are continuously refined and verified by a volunteer, global community of experienced IT professionals. Our CIS Hardened Images are virtual machine emulations preconfigured to provide secure, on-demand, and scalable computing environments in the cloud. CIS is home to both the Multi-State Information Sharing and Analysis Center® (MS-ISAC®), the go-to resource for cyber threat prevention, protection, response, and recovery for U.S. State, Local, Tribal, and Territorial government entities, and the Elections Infrastructure Information Sharing and Analysis Center™ (EI-ISAC™), which supports the cybersecurity needs of U.S. State, Local and Territorial elections offices. To learn more, visit or follow us on Twitter: @CISecurity.

About Infolock

Infolock is an industry-leading data advisory consulting firm, integration services provider, and value-added reseller based in Arlington, VA. Founded in 2005, Infolock is the go-to provider of data governance and data protection services for enterprises and organizations in the financial services, healthcare, insurance, retail, and government sectors. Infolock can be found at and @infolocktech.


Jenn Conrad, 202-750-4656

Release Summary

Infolock and the Center for Internet Security (CIS) have released a Data Risk Best Practices addendum to the CIS Controls v7.


Jenn Conrad, 202-750-4656