Limited Time Offer: Save up to 20% on a new CIS SecureSuite Membership | Learn more
Why CIS Solutions Join CIS Resources
CIS WorkBench Sign-in CIS WorkBench Sign In CIS Hardened Images CIS Hardened Images Support CIS Support


Who We Are

CIS is an independent, nonprofit organization with a mission to create confidence in the connected world

About Us Leadership Principles Testimonials


secure your organization
Secure Your Organization

secure specific platforms
Secure Specific Platforms

cis securesuite CIS SecureSuite® Learn More      Apply Now  
u s state local tribal and territorial governments
U.S. State, Local, Tribal & Territorial Governments

View All Products & Services  

Join CIS

Get Involved

Join CIS as a member, partner, or volunteer - or explore our career opportunities

CIS SecureSuite® Membership Multi-State ISAC (MS-ISAC®) Elections Infrastructure ISAC (EI-ISAC®) CIS CyberMarket® Vendors CIS Communities Careers




filter by topic
Filter by Topic

View All Resources  
CIS Logo Show Search Expand Menu

Information security governance helps mitigate risk and helps with guidance for security and compliance.

CIS has developed guidance to help enterprises mitigate the risk of attacks on exploitable protocols such as Server Message Block (SMB).

Download this guide for direct mitigations for SMB, as well as which best practices an enterprise can put in place to reduce the risk of an SMB-related attack. 

Part 2 of a 2-part series where we discuss first impressions of the CIS Controls v8 launch and feedback from the community.

The goal of CIS Controls V8 is to provide practical and specific actions that can spark creation of a better network security environment.

The key difference between the CIS Controls and other frameworks is their organization of the controls into "Implementation Groups" (IGs).

CIS Community Defense Model uses real-world attack technique data from the Verizon DBIR and MITRE ATT&CK to prioritize cybersecurity Safeguards.

The Center for Internet Security's 2020 Year in Review highlights all the efforts the cybersecurity nonprofit accomplished in its 20th year in business.

According to a 2018 CBIA survey, nearly one-quarter of Connecticut businesses experienced a data breach or cyber-attack in the previous two years.

The v8 release is not just an update to the Controls; the whole ecosystem surrounding the Controls has been (or soon will be) updated as well.

The v8 release is not just an update to the Controls; the whole ecosystem surrounding the Controls has been (or soon will be) updated as well.

The Center for Internet Security (CIS) officially launched CIS Controls v8, which was enhanced to keep up with evolving technology now including cloud and mobile technologies.

This document provides a detailed mapping of the relationships between CIS Controls v8 and NIST SP 800-171 Rev 2.

CIS Controls v8 are mapped to the Cybersecurity Maturity Model Certification (CMMC) levels to help organizations required to meet CMMC requirements.

CIS Controls v8
May 18, 2021

CIS Controls v8 offers prescriptive, prioritized, and simplified cybersecurity best practices that provide a clear path to improve an

1 2 3 4 5 24