CIS Center for Internet Security

Blog Post: Verizon DBIR: Ransomware and the Public Sector

See all the latest

Alert Level: GUARDED

Low

Guarded

Elevated

High

Severe

Learn More

Resource Guide for Cybersecurity During the COVID-19 Pandemic

This resource guide highlights common COVID-19 related cyber-attacks and provides resources for improving cyber hygiene to enhance cyber defenses.

Learn More

CIS harnesses the power of a global IT community to safeguard public and private organizations against cyber threats.

Join MS-ISAC

Join EI-ISAC

The MS-ISAC & EI-ISAC are focal points for cyber threat prevention, protection, response, & recovery for U.S. State, Local, Tribal, & Territorial government entities. CIS is the home of the MS-ISAC and EI-ISAC.

Resource Guide for Cybersecurity During the COVID-19 Pandemic

This resource guide highlights common COVID-19 related cyber-attacks and provides resources for improving cyber hygiene to enhance cyber defenses.

Learn More

CIS harnesses the power of a global IT community to safeguard public and private organizations against cyber threats.

Join MS-ISAC

Join EI-ISAC

Start Secure, Stay Secure

A CIS SecureSuite Membership combines the CIS Benchmarks, CIS Controls, and CIS-CAT Pro into one powerful cybersecurity resource for businesses, nonprofits, and governmental entities.

Join Now

Consensus-developed secure configuration guidelines for hardening.

Download

Develop and update secure configuration guidelines for 14 technology groups.

Join a Community

Prescriptive, prioritized, and simplified set of cybersecurity best practices.

Download

Refine and verify best practices, related guidance, and mappings.

Join a Community

Learn More

Start Secure. Stay Secure.^®

Membership combines and automates the CIS Benchmarks, CIS Controls, and CIS-CAT Pro into a powerful and time-saving cybersecurity resource.

CIS-CAT Pro enables users to assess conformance to best practices and improve compliance scores over time.

“It is the most important membership for the compliance review of information security available in the market today.”

— Senior Manager, Information Security & Compliance International Public Service & Communications Agency

Consensus-based Guidelines

CIS Benchmarks and CIS Controls are consensus-based guides curated by security practitioners focused on performance, not profit.

Objective Standards

Our security best practices are referenced global standards verified by an objective, volunteer community of cyber experts.

Secure Online Experience

CIS is an independent, non-profit organization with a mission to provide a secure online experience for all.

Information Hub

What's New

White paper • 22 May 2020

CIS Controls Cybersecurity Maturity Model Certification Mapping

Advisory • 22 May 2020

A Vulnerability in Cisco Unified Contact Center Express Could Allow for Remote Code Execution

Blog post • 21 May 2020

Verizon DBIR: Ransomware and the Public Sector

Media mention • 20 May 2020

The Future of Cybersecurity – Tony Sager

Blog post • 19 May 2020

2020 Verizon DBIR Includes CIS Data and Mappings

White paper • 19 May 2020

2021 Cybersecurity Calendar

Daily tip

Beware of Rogue Anti-Virus Software

Rogue software, or "scareware," is fake antivirus or security software. Bad guys usually try to get you to install it by generating a pop-up window as you surf the web. The "updates" or "alerts" in the pop-up windows call for you to take some sort of action, such as clicking to install the software. When you click, the rogue security software downloads to your computer.

Center for Internet Security®