Learn about the CIS Controls
Start by downloading the CIS Controls™
The CIS Controls are a prioritized set of actions developed by a global IT community. They help protect organizations and their data from known cyber attack vectors. This set of best practices is trusted by security leaders in both the private and public sector and help defeat over 85% of common attacks.
Download CIS Controls V7 (read FAQs)
Learn how the CIS Controls are developed
In an ever-growing mix of hundreds of potential cybersecurity concerns and even more proposed solutions, CIS applies the Pareto Principle – the concept that for many activities, roughly 80% of the effects come from 20% of the causes– to help prioritize cybersecurity actions.
Download A Prioritized Approach using the Pareto Principle
How to get involved in a CIS Community
At the foundation of CIS, we believe in creating community-driven best practices to help organizations and individuals around the globe.
Get involved by joining CIS WorkBench
Interested in seeing how others implement the CIS Controls?
Industry professionals and organizations all around the world utilize the CIS Controls to enhance their organization's cybersecurity posture. Check out recent case studies to learn more.
Read CIS Controls Case Studies
CIS Controls V7 Poster
Learn about the basic, foundational, and organizational breakdown of the CIS Controls along with 5 keys for building a cybersecurity program with this downloadable poster.
Download CIS Controls V7 Poster
Assess Your Implementation of the CIS Controls
The CIS Controls Self-Assessment Tool, or CIS CSAT, is a free web application that enables security leaders to track and prioritize their implementation of the CIS Controls.
Access CIS CSAT