CIS Controls™ Version 6 Downloads Reach 100,000 Milestone

February 7, 2018

Rosslyn, Virgina

Internationally recognized cybersecurity standard has been downloaded 100,000 times.

The CIS Controls V6 (CIS Controls) met an important milestone today–100,000 downloads. The CIS Controls are a recommended set of actions for cyber defense that provide specific and actionable ways to thwart the most pervasive attacks. They are a relatively short list of high-priority, highly effective defensive actions that provide a “do-first” starting point for every enterprise seeking to improve their cyber defense.

“This achievement underscores the excellent work of our volunteer community of global adopters, vendors, and supporters who work tirelessly to contribute the CIS Controls,” said Tony Sager, CIS Senior Vice President and Chief Evangelist for the CIS Controls. Thanks to them, the CIS Controls continues to be the best vendor agnostic resource for cyber defense based on known cyber-attacks,” he added.

Since their initial release in 2008, the CIS Controls have been maintained by a panel of security experts, organized and led by CIS. These include practitioners from across government, industry, and academia – each bringing deep technical understanding from across multiple viewpoints (e.g., vulnerability, threat, defensive technology, tool vendors, enterprise management). In addition to public feedback, CIS reaches out to numerous CIS Controls adopters, security vendors, and threat intelligence analysts to ensure each version of the CIS Controls considers all viewpoints before selecting the most effective set of controls.

CIS is finalizing updates and revisions for the March 2018 release of CIS Controls Version 7.

CIS (The Center for Internet Security®) is a forward-thinking, non-profit entity that harnesses the power of a global IT community to safeguard private and public organizations against cyber threats. Our CIS Controls and CIS Benchmarks™ are the global standard and recognized best practices for securing IT systems and data against the most pervasive attacks. These proven guidelines are continuously refined and verified by a volunteer, global community of experienced IT professionals. CIS is home to the Multi-State Information Sharing & Analysis Center® (MS-ISAC®), the go-to resource for cyber threat prevention, protection, response, and recovery for U.S. State, Local, Tribal, and Territorial government entities. To learn more, visit or follow us on Twitter: @CISecurity.