search menu icon-carat-right cmu-wordmark

Cyber Hygiene: A Baseline Set of Practices

The CERT Division's Cybersecurity Hygiene is a set of 11 practice areas for managing the most common and pervasive cybersecurity risks faced by organizations.

Software Engineering Institute


CERT-RMM and its resilience management methodologies help organizations consider resilience to be a foundational property of all policies, plans, processes, and procedures. CERT-RMM has more than 200 resilience management practices spread across 26 process areas, ranging from Asset Definition and Management, to External Dependencies Management, to Vulnerability Analysis and Resolution. Though all the CERT-RMM practices are important for an organization’s viability and sustainability, they are a lot for an organization to absorb. That’s why we’ve introduced the 11 cyber hygiene areas, which comprise 41 CERT-RMM practices that are paramount to every organization’s success. This presentation details each of the 11 cyber hygiene areas.