Limited Time Offer: Save up to 20% on a new CIS SecureSuite Membership | Learn more
Why CIS Solutions Join CIS Resources
CIS WorkBench Sign-in CIS WorkBench Sign In CIS Hardened Images CIS Hardened Images Support CIS Support


Who We Are

CIS is an independent, nonprofit organization with a mission to create confidence in the connected world

About Us Leadership Principles Testimonials


secure your organization
Secure Your Organization

secure specific platforms
Secure Specific Platforms

cis securesuite CIS SecureSuite® Learn More      Apply Now  
u s state local tribal and territorial governments
U.S. State, Local, Tribal & Territorial Governments

View All Products & Services  

Join CIS

Get Involved

Join CIS as a member, partner, or volunteer - or explore our career opportunities

CIS SecureSuite® Membership Multi-State ISAC (MS-ISAC®) Elections Infrastructure ISAC (EI-ISAC®) CIS CyberMarket® Vendors CIS Communities Careers




filter by topic
Filter by Topic

View All Resources  
CIS Logo Show Search Expand Menu

The key difference between the CIS Controls and other frameworks is their organization of the controls into "Implementation Groups" (IGs).

Looking back at the roles she’s had, Moriarty said she sees them as evolution, “where knowledge and experience gained has opened the door for the next role.”

According to a 2018 CBIA survey, nearly one-quarter of Connecticut businesses experienced a data breach or cyber-attack in the previous two years.

The v8 release is not just an update to the Controls; the whole ecosystem surrounding the Controls has been (or soon will be) updated as well.

Resources play an important role, something that can benefit larger enterprises, but bigger doesn’t always equal better for cloud security.

Safeguarding public cloud environments is a shared responsibility. Cloud customers should use CIS Benchmarks to ensure cloud security at the account level.

The primary method of cyberattacks has been unsophisticated spear-phishing campaigns to infect networks with malicious ransomware.

The state’s CDPA serves as a benchmark for other governments to assess their data privacy practices and prepare for similar legislation.

According to a new NASCIO, NASPO, and CIS guide, the complexity of technology over the last twenty years has made the acquisition process complex as well.

As Container security evolved into Kubernetes security, the foundation for cloud-native security today, enterprises rapidly increased adoption.

Combining security practices honed for your on-premises environment with recommendations from CIS’s AWS Foundations Benchmark Policy can drastically reduce your cloud risk.

Both private-sector vendors and public agencies have a responsibility to rally around a security baseline with their ransomware efforts.

From an economics point of view, solutions that can be simultaneously implemented across both IT and OT environments is a good place for a utility to start.

Organizations today need to comply with multiple policy, regulatory, and legal security frameworks, which can be difficult and time consuming.

While it's difficult to be completely protected from phishing, there are some rules to follow that can help keep you from handing over personal details.

1 2 3 4 27