Supporting Your Secure Cloud Goals: Our 2023 Year in Review

 

By: Mia LaVada, Product Manager of CIS Benchmarks and Cloud

 

As 2023 wrapped up, you might have taken a moment to review all you did to secure your organization’s cloud environments last year. My team and I did something like this, only we looked at it from the perspective of how we helped you meet your cloud security goals. Several initiatives and releases stood out from our year in review.

3 Releases that Advance Your Cloud Security

A core part of the CIS Hardened Images® is to release new images that match the updated security recommendations of the CIS Benchmarks™. When vendors release new versions of their operating systems (OSes), our community of experts works to update existing Benchmarks to reflect those changes or to create entirely new Benchmarks. The Cloud Security Team then uses that guidance to create corresponding pre-hardened virtual machine images (VMIs) for use on major cloud service provider (CSP) platforms.

Want to learn more about how we create the CIS Hardened Images from the CIS Benchmarks? Check out our video below.

 

 

We’re not just releasing new images randomly, however. We’re listening to you to learn what can help you best succeed with your cloud security efforts. We’re also listening to other customers to identify common goals so that our releases can make the biggest impact.

With that in mind, here are three of the most notable CIS Hardened Images releases from 2023.

Amazon EKS-Optimized Amazon Linux 2

This is the first time we offered a Hardened Image for a container-optimized OS. We created this release because we wanted to help you save time and money on your cloud security efforts if you're using Amazon Linux 2 with your container workloads.

Amazon Linux 2023

So many of you use Amazon Linux 2023, and many of you asked us to create a corresponding Hardened Image. We heard you, and we did!

Microsoft Windows 10 and 11 on the Azure Marketplace

Previously, we offered Hardened Images only for Windows Servers. This release marked the first pre-hardened VMIs available for Windows Desktop OSes on Azure Marketplace.

Visualize What’s Changed through CIS Hardening

Beyond the releases above, 2023 was a monumental year because it was the first time we made fundamental changes to the CIS Hardened Images by adding some new reporting capabilities. Of note, we added an out-of-the-box configuration report to all our Hardened Images. We implemented this change to help you see the compliance score for a base OS and its related packages prior to us hardening it. With that information, you could better understand the impact of using a Hardened Image to secure your OS and the changes made each month when we patch and update the images.

Power Your Cloud Security Efforts with the Functionality You Need

Additionally, 2023 was the first year we tested compatibility with popular cloud services. We specifically evaluated the Hardened Images with Azure Monitor Agent and EC2 Image Builder. We chose these cloud services to make sure your efforts to secure the cloud didn't affect important functionalities such as monitoring and automating your golden image build process.

A Cloudy 2024 Demands Even More Security

Cloud usage isn't expected to decline in 2024. On the contrary, Statista reported that the public cloud services market will grow by 20% between 2022 and 2024. Infrastructure as a Service (IaaS) will experience even greater growth at a rate of 32.7% during that same time period. 

Acknowledging this, we’re excited to release images that will help you secure your operating systems in the cloud, to expand our initiatives from last year, and to find new ways to support you in your cloud security journey. Remember that we rely on you for all this work. Want to see something? Please reach out to me and the Cloud Security team. We’ll see what we can do and let you know.

Ready to simplify your cloud security efforts?

 


About the Author

Mia LaVada
Product Manager, CIS Benchmarks and the Cloud

Mia LaVada head shotMia LaVada is a product manager for the CIS Benchmarks and Cloud products at the Center for Internet Security (CIS). She has been with CIS since June 2019. As a strong believer in the power of community, LaVada regularly works with CIS Members to help ensure CIS addresses the needs of the global cybersecurity community. She’s also particularly passionate about finding solutions to further secure the ever-changing cloud ecosystem.