Implementing CIS Cybersecurity Controls for the Department of Residence, Iowa State University
Abstract
The Department of Residence (DoR) at Iowa State University houses over 13,000 students and employs over 300 staff members. The DoR's IT team is in charge of the information systems assets (data, servers, systems, IP phones, networking devices, VMs and printers) that are used by the students and the staff members. It is imperative for the DoR to reduce total IT spending and to secure the infrastructure to keep hackers and cyber criminals at bay. Various cybersecurity solutions were discussed, and we finally decided to implement the CIS Security Framework. It was one of the most effective ways to tackle the needs of the Department. The Framework consists of a set of actionable Controls, and realizing just a few of these Controls had a big impact on the department's IT spending and infrastructure security. The two Controls that were implemented are briefly described below. The first cybersecurity Control is to have an inventory of all the authorized and unauthorized hardware devices on the network, so that only authorized devices are given access. This includes a list of active data jacks that are in use as well as staff, student and departmental assets. The second cybersecurity Control is to have an inventory of all the authorized and unauthorized software installed on all the systems, so that only authorized software can be installed and executed. For now, implementing just the first two Controls is enough to meet the financial and security goals of the Department. This work has bolstered department-wide security and has an estimated savings of $200,000 per year. In the future, however, it will be important for the DoR to implement the rest of the Controls to keep pace with the changing threat landscape.