Learn about the CIS Controls


                Start by downloading the CIS Controls™

The CIS Controls are a prioritized set of actions developed by a global IT community. They help protect organizations and their data from known cyber attack vectors. This set of best practices is trusted by security leaders in both the private and public sector and help defeat over 85% of common attacks.
Download CIS Controls V7.1 (read FAQs)

                 Learn how the CIS Controls are developed

In an ever-growing mix of hundreds of potential cybersecurity concerns and even more proposed solutions, CIS applies the Pareto Principle – the concept that for many activities, roughly 80% of the effects come from 20% of the causes– to help prioritize cybersecurity actions.
Download A Prioritized Approach using the Pareto Principle


How to get involved in a CIS Communitycontrols-community-Icon

At the foundation of CIS, we believe in creating community-driven best practices to help organizations and individuals around the globe.
Get involved by joining CIS WorkBench


CIS-Controls-Case-study Interested in seeing how others implement the CIS Controls?

Industry professionals and organizations all around the world utilize the CIS Controls to enhance their organization's cybersecurity posture. Check out recent case studies to learn more.
Read CIS Controls Case Studies


                CIS Controls V7 Poster

CIS PosterLearn about the basic, foundational, and organizational breakdown of the CIS Controls along with 5 keys for building a cybersecurity program with this downloadable poster.
Download CIS Controls V7 Poster

                Assess Your Implementation of the CIS Controls

The CIS Controls Self-Assessment Tool, or CIS CSAT, is a free web application that enables security leaders to track and prioritize their implementation of the CIS Controls.

CIS Controls logo