CIS Logo
tagline: Confidence in the Connected World

CIS Launches Implementation Guide for Small and Medium-sized Enterprises (SME) for CIS Controls

Sept. 14, 2017

East Greenbush, NY

CIS will host a webinar on the guide at 2 p.m. EST, Wednesday, Sept. 27, 2017

CIS releases an Implementation Guide for Small and Medium-Sized Enterprises (SMEs) for the CIS Controls™ today. A webinar to highlight the Guide will be held on Wednesday, September 27.

“This Guide is a direct response to requests from small and mid-sized enterprises that asked us for guidance on how to implement the CIS Controls,” said Tony Sager, CIS Senior Vice President, and Chief Evangelist. “Recognizing these enterprises have limited resources, we made sure the new Guide outlined a variety of free or low-cost tools, and steps that can be implemented to improve cybersecurity,” he added. Visit

At 2 p.m. EST on September 27, the “Cybersecurity for Small and Medium-Sized Enterprises Using the CIS Controls” webinar will empower owners of small and medium-sized enterprises to protect their businesses with a number of high-priority actions based on the CIS Controls. Taking the approach that not every small business owner is an IT wizard or cybersecurity ninja, this webinar will present some solutions for the security challenges faced by SMEs. Visit  to register for the webinar.

The webinar will feature several of the contributors to the Implementation Guide for Small and Medium-Sized Enterprises, which was developed by experts in the security community who understand the issues facing small and medium enterprises. CIS relies on the contributions of volunteer practitioners who develop CIS products such as the CIS Benchmarks, CIS Controls, and related security guides.

The CIS Controls, a prioritized list of essential actions organizations can take to protect their networks, are a leading cybersecurity approach referenced in the NIST Cybersecurity Framework. To date, the CIS Controls have been downloaded more than 85,000 times. They are available as a free download at

About CIS

CIS is a forward-thinking, non-profit entity that harnesses the power of a global IT community to safeguard private and public organizations against cyber threats. Our CIS Controls and CIS Benchmarks are the global standard and recognized best practices for securing IT systems and data against the most pervasive attacks. These proven guidelines are continuously refined and verified by a volunteer, global community of experienced IT professionals. CIS is home to the Multi-State Information Sharing & Analysis Center® (MS-ISAC®), the go-to resource for cyber threat prevention, protection, response, and recovery for U.S. State, Local, Tribal, and Territorial government entities. Visit CIS at and follow us on Twitter @CISecurity.