Limited Time Offer: Save up to 20% on a new CIS SecureSuite Membership | Learn more
Why CIS Solutions Join CIS Resources
CIS WorkBench Sign-in CIS WorkBench Sign In CIS Hardened Images CIS Hardened Images Support CIS Support


Who We Are

CIS is an independent, nonprofit organization with a mission to create confidence in the connected world

About Us Leadership Principles Testimonials


secure your organization
Secure Your Organization

secure specific platforms
Secure Specific Platforms

cis securesuite CIS SecureSuite® Learn More      Apply Now  
u s state local tribal and territorial governments
U.S. State, Local, Tribal & Territorial Governments

View All Products & Services  

Join CIS

Get Involved

Join CIS as a member, partner, or volunteer - or explore our career opportunities

CIS SecureSuite® Membership Multi-State ISAC (MS-ISAC®) Elections Infrastructure ISAC (EI-ISAC®) CIS CyberMarket® Vendors CIS Communities Careers




filter by topic
Filter by Topic

View All Resources  
CIS Logo Show Search Expand Menu

CIS Benchmarks Volunteer Spotlight: Paul Campbell

This month CIS is sharing an interview with CIS Benchmarks volunteer Paul Campbell.

CIS values all of the volunteers who work hard to make sure the CIS Benchmarks and CIS Controls reflect a global knowledge base of the latest known cyber threats from IT professionals. This consensus process ensures CIS remains the objective, referenced standard for cybersecurity resources in industry, government, and academia.

We’ll be publishing profiles of the volunteers on the CIS website in coming months. Our goal is for you to learn more about the people behind the development of the CIS Benchmarks and CIS Controls.

Learn more about Paul’s involvement in the CIS Benchmarks in the following interview.

CIS: When did you become a member of the CIS Benchmarks volunteer community?

Paul: I joined the CIS Benchmarks community in March 2014. Like many contributors, I provided feedback through the public mechanism and was invited to join the volunteer community.

CIS: What are you working on now for the CIS Benchmarks?

Paul: 2017 has actually been my most active year with the CIS Benchmarks. With the Apple iOS community, I authored a new CIS Benchmark for iPhone and iPad deployments. Recently I joined in on creating a new CIS macOS Safari Benchmark. Plus, I’m always lurking on the macOS board to see what’s going on.

CIS: What and where is your present job?

Paul: I’m an information security consultant in Seattle, living on Bainbridge Island with my wife and toddler. My work rotates between CISO staff augmentation, risk assessment, and security program development. The firm I work with, Anitian, is a big supporter of community contribution and even allows allocating a percentage of work hours to community projects like the CIS benchmarks.

CIS: What do you think is the best thing about the CIS Benchmarks?

Paul: They contain practical security recommendations. The content comes from a diverse set of contributors and considers realistic threats. The CIS Benchmarks content is then presented as a series of recommendations, with rationales, that should be considered by the implementer and selected as appropriate to their use case. People need to think for themselves when implementing controls and the CIS Benchmarks processes and philosophy support that.

Arrow  Learn about the CIS Benchmarks