
CIS Controls Mastery Course for MSPs
CIS Controls Mastery Course for MSPs is presented by John Strand, Founder of Black Hills Information Security, and a three-way partnership between Antisyphon Training, CIS, and Right of Boom.
What You'll Learn
With real-world scenarios and actionable insights, you'll gain the skills to protect critical infrastructure from modern cyber threats. This course provides in-depth training on the CIS Controls, covering:

Enterprise Asset Inventory
Learn to document and manage all devices connected to your network.
Software Asset Management
Identify, monitor, and secure your organization's software to reduce vulnerabilities.
Data Protection
Explore strategies for securing sensitive data across its lifecycle.
Secure Configuration
Discover best practices for hardening software and hardware configurations.
What You Need to Know
Why CIS Controls Matter
Protecting critical infrastructure requires more than just reactive measures – it demands a proactive, structured approach. That's where the CIS Controls come in. Developed by cybersecurity experts, these best practices provide a clear roadmap for reducing risk, achieving compliance, and building resilience against evolving threats. By focusing on actionable steps, the CIS Controls empower organizations to safeguard the vital systems that millions rely on daily, from power grids to communication networks. With Boom U, you'll gain the knowledge and skills to implement these controls effectively, ensuring your organization is ready to face today's cybersecurity challenges.
Through hands-on exercises and expert guidance, this course empowers you to implement the controls effectively.
Reducing Risk
Prioritize actions that significantly lower the likelihood of cyber incidents.
Improving Compliance
Align your organization with leading security standards and regulations.
Boosting Resilience
Enhance your defenses against emerging threats and advanced attacks.
Protecting Critical Systems
Safeguard infrastructure that millions depend on every day.
Key Topics Covered
This comprehensive course dives into the following CIS Controls and their applications:
Control 1
Inventory and control of enterprise assets to identify all devices on your network.
Control 3
Data protection strategies, including encryption and secure handling protocols.
Control 6
Access control management to enforce the principle of least privilege.
Control 10
Malware defenses, combining automated tools and best practices to prevent attacks.
Control 16
Application software security to safeguard against vulnerabilities in critical software.
Additional topics include incident response planning, penetration testing, and network monitoring, providing a holistic approach to defending critical infrastructure.
About Your
Instructor

John Strand • Founder of Black Hills Information Security
John Strand has both consulted and taught hundreds of organizations in the areas of security, regulatory compliance, and penetration testing. He is a coveted speaker and much-loved SANS teacher. John is a contributor to the industry-shaping Penetration Testing Execution Standard and 20 Critical Controls frameworks.
Boom U Courses

Getting Started in Security with BHIS and MITRE ATT&CK
Through practical labs, you'll learn the essential attacks and defenses every security professional needs to succeed.

SOC Core Skills with John Strand
Gain essential SOC analyst skills, from networking to incident response, with expert-led training available On-Demand or through Live sessions.