×
Why CIS Solutions Join CIS Resources
CIS WorkBench Sign-in CIS WorkBench Sign In CIS Hardened Images CIS Hardened Images Support CIS Support


Why CIS

Who We Are

CIS is an independent, nonprofit organization with a mission to create confidence in the connected world


About Us Leadership Principles Testimonials

Solutions

secure your organization
Secure Your Organization

CIS Controls®

Prioritized & simplified best practices

CIS Controls Community

Help develop and maintain the Controls

CIS RAM

Information security risk assessment method

CIS CSAT

Assess & measure Controls implementation
secure specific platforms
Secure Specific Platforms

CIS Benchmarks

100+ vendor-neutral configuration guides

CIS Benchmarks Community

Develop & update secure configuration guides

CIS-CAT®

Assess system conformance to CIS Benchmarks

CIS Hardened Images®

Virtual images hardened to CIS Benchmarks
cis securesuite CIS SecureSuite®

Start secure and stay secure with integrated cybersecurity tools and resources designed to help you implement CIS Benchmarks and CIS Controls

Learn More      Apply Now  
u s state local tribal and territorial governments
U.S. State, Local, Tribal & Territorial Governments

Memberships
MS-ISAC®

Cybersecurity resource for SLTT Governments

EI-ISAC®

Election-focused cyber defense suite

Services for Members
Albert Network Monitoring®

Cost-effective Intrusion Detection System

Managed Security Services

Security monitoring of enterprises devices

CIS Endpoint Security Services

Device-level protection and response

CIS CyberMarket®

Savings on training and software

Malicious Domain Blocking & Reporting

Prevent Connection to harmful web domains

View All CIS Services  
View All Products & Services  

Join CIS

Get Involved

Join CIS as a member, partner, or volunteer - or explore our career opportunities


CIS SecureSuite® Membership Multi-State ISAC (MS-ISAC®) Elections Infrastructure ISAC (EI-ISAC®) CIS CyberMarket® Vendors CIS Communities Careers

Resources

resources
Resources

Blog Advisories Newsletters Press Releases In The News Elections Resources
learn
Learn

White Papers Webinars Case Studies Spotlights
filter by topic
Filter by Topic

CIS Benchmarks CIS Controls® CIS Hardened Images® CIS Services® MS-ISAC® EI-ISAC®
View All Resources  
CIS Logo Show Search Expand Menu
Topic
Type



Blog post
The CIS Controls Privacy Guide offers best practice guidance for implementing the CIS Controls as they apply to privacy.



White paper
The Privacy Guide aligns privacy principles and highlighting potential privacy concerns that may arise through the usage of the CIS Controls.



White paper
CIS RAM is an information security risk assessment method that helps organizations implement and assess their security posture against the CIS Controls.



Blog post
CIS Risk Assessment Method v2.1 for IG2 is designed to help justify investments for reasonable implementation of the CIS Critical Security Controls (CIS Controls).



Blog post
CIS RAM v2.1 is made up of a family of documents, starting with the bare essentials and additional documents for each Implementation Group.



Webinar
An overview of how to conduct a risk assessment using CIS RAM 2.1 for CIS Critical Security Controls (CIS Controls) Implementation Group 2.



Blog post
The CIS Controls v8 introductory course available on Trailhead offers a 50-minute overview on managing cybersecurity risks using the CIS Controls.



White paper
The Winter 2021 issue of Cybersecurity Quarterly focuses on sharing resources in the cybersecurity community, solving the challenge of security interoperability, and more.



White paper
Download this whitepaper for methodology used to map the CIS Controls to FS.31 GSMA Baseline Security Controls v2.0.



White paper
The CIS Controls v8 Mapping to Azure Security Benchmark offers high-impact guidance to mitigate threats on a cloud-based architecture.



Blog post
CIS Controls team releases a guide for the Windows Management Instrumentation (WMI) protocol .



White paper
Windows Management Instrumentation (WMI) Remote Protocol, and the Safeguards an enterprise can implement, in part or whole, to reduce their attack surface or detect anomalies associated with the exploitation of WMI.



Media mention
When it comes to technology plans , state and local government IT leaders are feeling the pinch because of global supply chain delays.



Blog post
Microsoft Azure Security Benchmark v3 maps to CIS Critical Security Controls v8 showing its applicability to an enterprise’s cybersecurity program regardless of architecture.



Blog post
In this week's podcast, we welcome Thordis Thorsteins from Panaseer to discuss the importance of collecting accurate data and automating as much of the process as possible.


1 2 3 25
Subscribe Arrow