CIS Logo
tagline: Confidence in the Connected World
Pencil Blog Post: 7 Reasons Tabletop Exercises Are A Must Arrow See all the latest Arrow

CIS harnesses the power of a global IT community to safeguard public and private organizations against cyber threats.


The MS-ISAC® & EI-ISAC™ are focal points for cyber threat prevention, protection, response, & recovery for U.S. State, Local, Tribal, & Territorial government entities. CIS is home to the MS-ISAC & EI-ISAC.

New Elections Resource Arrow

MS ISAC Background Image

Robust automated configuration assessment tool rapidly identifies vulnerabilities with coverage for 80+ CIS Benchmarks.

Proven CIS Benchmarks guidelines to protect over 100 distinct systems & platforms.

20 prioritized actions to beat the vast majority of the most common attacks.

Start Secure, Stay Secure A CIS SecureSuite Membership combines and automates the CIS Benchmarks, CIS Controls, and CIS-CAT Pro into one powerful, time-saving cybersecurity resource for businesses, nonprofits, and governmental entities.

  • Leverage remediation content for rapid CIS Benchmark implementation
  • Connect with CIS staff and developers for technical support
“It is the most important membership for the compliance review of information security available in the market today.”
— Senior Manager, Information Security & Compliance International Public Service & Communications Agency

Consensus-based Guidelines

CIS Benchmarks and CIS Controls are consensus-based guides curated by security practitioners focused on performance, not profit.

Objective Standards

Our security best practices are referenced global standards verified by an objective, volunteer community of cyber experts.

Secure Online Experience

CIS is an independent, non-profit organization with a mission to provide a secure online experience for all.

Information Hub

Daily tip

Know What Information Is Being Collected When You Visit a Website

When visiting unknown websites, be vigilant about protecting your identity. Remember that some information is automatically made visible to the site. If the site you're visiting is malicious, the files on your computer, as well as passwords stored in the temporary memory, may be at risk.