Why CIS Solutions Join CIS Resources
CIS WorkBench Sign-in CIS WorkBench Sign In CIS Hardened Images CIS Hardened Images Support CIS Support


Who We Are

CIS is an independent, nonprofit organization with a mission to create confidence in the connected world

About Us Leadership Principles Testimonials


secure your organization
Secure Your Organization

secure specific platforms
Secure Specific Platforms

cis securesuite CIS SecureSuite® Learn More      Apply Now  
u s state local tribal and territorial governments
U.S. State, Local, Tribal & Territorial Governments

View All Products & Services  

Join CIS

Get Involved

Join CIS as a member, partner, or volunteer - or explore our career opportunities

CIS SecureSuite® Membership Multi-State ISAC (MS-ISAC®) Elections Infrastructure ISAC (EI-ISAC®) CIS CyberMarket® Vendors CIS Communities Careers




filter by topic
Filter by Topic

View All Resources  
CIS Logo Show Search Expand Menu

The law takes effect on Oct. 1 and makes Connecticut the third state after Ohio and Utah to provide such incentives for implementing cyber frameworks.

Schools are facing these ransomware attacks with poorer cyber defenses than many private companies and far more vulnerabilities that hackers could exploit.

The guide shares that working with a trusted partner is the most efficient way for agencies to efficiently execute any security strategy.

Cybersecurity governance must be agile, allowing cybersecurity programs to evolve as new threats that require adaptations in risk management strategies emerge.

Businesses that follow one of the approved frameworks will have an “affirmative defense” against claims that a breach was the result of a “failure to implement reasonable cybersecurity controls.”

Running on public funding could make it difficult for schools to find the money for consistent cybersecurity investments from year to year.

Attestation can be conducted remotely and at scale, ensuring transparency of compliance with industry security controls and benchmarks.

The goal of CIS Controls V8 is to provide practical and specific actions that can spark creation of a better network security environment.

The key difference between the CIS Controls and other frameworks is their organization of the controls into "Implementation Groups" (IGs).

Looking back at the roles she’s had, Moriarty said she sees them as evolution, “where knowledge and experience gained has opened the door for the next role.”

According to a 2018 CBIA survey, nearly one-quarter of Connecticut businesses experienced a data breach or cyber-attack in the previous two years.

The v8 release is not just an update to the Controls; the whole ecosystem surrounding the Controls has been (or soon will be) updated as well.

Resources play an important role, something that can benefit larger enterprises, but bigger doesn’t always equal better for cloud security.

Safeguarding public cloud environments is a shared responsibility. Cloud customers should use CIS Benchmarks to ensure cloud security at the account level.

The primary method of cyberattacks has been unsophisticated spear-phishing campaigns to infect networks with malicious ransomware.

1 2 3 27