CIS Logo
tagline: Confidence in the Connected World
Pencil Blog Post: How to Implement & Assess Your Cyber Hygiene Arrow See all the latest Arrow

Robust automated configuration assessment tool rapidly identifies vulnerabilities with coverage for 80+ CIS Benchmarks™.

Proven CIS Benchmarks™ guidelines to protect over 100 distinct systems & platforms.

Join the Community Arrow

20 prioritized actions to beat the vast majority of the most common attacks.

Start Secure, Stay Secure A CIS SecureSuite Membership combines and automates the CIS Benchmarks, CIS Controls, and CIS-CAT Pro into one powerful, time-saving cybersecurity resource for businesses, nonprofits, and governmental entities.

  • Leverage remediation content for rapid CIS Benchmark implementation
  • Connect with CIS staff and developers for technical support
“It is the most important membership for the compliance review of information security available in the market today.”
— Senior Manager, Information Security & Compliance International Public Service & Communications Agency

Consensus-based Guidelines

CIS Benchmarks and CIS Controls are consensus-based guides curated by security practitioners focused on performance, not profit.

Objective Standards

Our security best practices are referenced global standards verified by an objective, volunteer community of cyber experts.

Secure Online Experience

CIS is an independent, non-profit organization with a mission to provide a secure online experience for all.

Information Hub

What's New
CONTROL: 1 --- ADVISORY CONTROL: 0

Newsletter 15 Nov 2019
CONTROL: 2 --- ADVISORY CONTROL: 0
CONTROL: 3 --- ADVISORY CONTROL: 0
CONTROL: 4 --- ADVISORY CONTROL: 0
CONTROL: 5 --- ADVISORY CONTROL: 0
CONTROL: 6 --- ADVISORY CONTROL: 1
CONTROL: 6 --- ADVISORY CONTROL: 2
Daily tip

Keep Sensitive Data Secure

With major data breaches being reported all too frequently, organizations are now placing increased emphasis on the security of personal, private, and sensitive information. Encryption is especially important if you are trying to send sensitive information that other people should not be able to access. Because email messages are sent over the Internet and might be intercepted by an attacker, it is important to add an additional layer of security to sensitive information.