CIS Logo
tagline: Confidence in the Connected World

CIS Hardened Image Usage on GCP Quadruples in 2019

CIS Hardened Images See 82% increase from 2018 to 2019

EAST GREENBUSH, N.Y., Mar. 25, 2020 – As more businesses are moving to the cloud as a way to reduce costs, offer more flexibility and scalability to their operations, and improve data security, CIS Hardened Images make the transition easier. In 2019, CIS Hardened Images® consumers clocked more than seven million computed usage hours on Google Cloud Platform (GCP), up from a little over one million in 2018; that’s an increase of 82 percent.

GCP announced general availability of its Shielded VMs (virtual machines) last year during Google Cloud Next ’19 in San Francisco. Using Shielded VMs helps you protect your system from attack vectors and ensures your organization is only using supported images. There are currently more than 20 CIS Hardened Images available on Shielded VMs for operating systems (OS) like CentOS Linux, Ubuntu Linux, and Microsoft Windows.

Additionally, CIS and GCP recently released CIS PostgreSQL 11 on CentOS Linux 7 Benchmark - Level 1. The image of PostgreSQL 11 on CentOS Linux 7 is built on Google's Shielded VM and preconfigured by CIS to the recommendations in the associated CIS Benchmarks.

“We are extremely proud to offer our Hardened Images on platforms such as GCP and the other major cloud service providers,” said Curtis Dukes, CIS Executive Vice President of Security Best Practices & Automation Group. “The continued growth makes it clear that users see a value in a consensus based, secure configuration.”

CIS Hardened Images available on GCP are currently being used in 68 different countries and 38 U.S. states, providing users with a secure, on-demand, and scalable computing environment.

“We expect usage of our hardened images to continue to rise in 2020 as more users see the security benefit of shielded VMs,” said Dukes.

The most popular Hardened Images available on GCP in 2019 were:

  • CIS CentOS Linux 7 Benchmark - Level 1
  • CIS Ubuntu Linux 16.04 Benchmark - Level 1
  • CIS Microsoft Windows Server 2016 Benchmark- Level 1
  • CIS CentOS Linux 7 Benchmark - Level 1 on g1-small
  • CIS Red Hat Enterprise Linux 7 Benchmark - Level 1
  • CIS Ubuntu Linux 18.04 Benchmark - Level 1
  • CIS Microsoft Windows Server 2016 - Level 2
  • CIS Microsoft Windows Server 2008 R2 - Level 1

CIS Hardened Images are virtual machine images pre-configured to applicable CIS Benchmark recommendations. CIS Benchmarks and their corresponding Hardened Images are used by thousands of organizations for compliance support with DoD Cloud Computing SRG, FedRAMP, PCI DSS, NIST, and HIPAA standards. They help mitigate common threats such as malware, insufficient authorization, and remote intrusion, and are updated every month to address patching and vulnerabilities.

For a complete list of CIS Hardened Images available on GCP visit: https://www.cisecurity.org/cis-hardened-image-list/

About CIS:

The Center for Internet Security, Inc. (CIS®) makes the connected world a safer place for people, businesses, and governments. We are a community-driven nonprofit, responsible for the CIS Controls® and CIS Benchmarks, globally recognized best practices for securing IT systems and data. We lead a global community of IT professionals to continuously refine these standards to proactively safeguard against emerging threats. Our CIS Hardened Images® provide secure, on-demand, scalable computing environments in the cloud. CIS is home to the Multi-State Information Sharing and Analysis Center® (MS-ISAC®), the trusted resource for cyber threat prevention, protection, response, and recovery for U.S. State, Local, Tribal, and Territorial (SLTT) government entities, and the Elections Infrastructure Information Sharing and Analysis Center® (EI-ISAC®), which supports the cybersecurity needs of U.S. elections offices. To learn more, visit CISecurity.org or follow us on Twitter: @CISecurity.

Contact: Autum Pylant, CIS Senior Communications Specialist

media@cisecurity.org