Navigant's Cyber Risk and Information Security PracticeLearn More

Ask the Expert

Have a question that only a cyber security expert can answer? Enter it below, or use our hashtag #askCOMPASScyber on social media, and we’ll give you our best advice.

What are the CIS CSC controls?

The Center for Internet Security’s Critical Security Controls (CIS CSC) are a set of 20 information security controls that are deemed the most important and impactful to protect an organization’s data. Applying just the first 5 can dramatically reduce an organization’s risk of a data breach. These controls are designed to safeguard businesses against common attack vectors. COMPASS helps organizations comply with these standards.

Why should I update my devices?

The regular updating of software applications (patch management) to correct bugs and security vulnerabilities is critical to minimize the likelihood of a security incident. Hackers exploit software vulnerabilities to access an organization’s information technology infrastructure and ultimately exfiltrate data.

What are the top cybersecurity threats?

The top threats for the 1st half of 2017 were business email compromise (BEC), phishing/spear phishing, and ransomware. Hackers continue to exploit the human element of organizations to access and steal sensitive data.


COMPASS posts all submitted questions anonymously to ensure confidentiality.

First Name

Last Name


Your Question

Have a Question? Contact Us