Why CIS Solutions Join CIS Resources
CIS WorkBench Sign-in CIS WorkBench Sign In Support CIS Support


Who We Are

CIS is an independent, nonprofit organization with a mission to create confidence in the connected world

About Us Leadership Principles Testimonials


Secure Your Organization

Secure Specific Platforms

U.S. State, Local, Tribal & Territorial Governments

View All Products & Services  

Join CIS

Get Involved

Join CIS as a member, partner, or volunteer - or explore our career opportunities

CIS SecureSuite® Membership Multi-State ISAC (MS-ISAC®) Elections Infrastructure ISAC (EI-ISAC®) CIS CyberMarket® Vendors CIS Communities Careers


Secure Your Organization


Filter by Topic

View All Resources  
CIS Logo Show Search Expand Menu

NIST CSF is a set of voluntary standards, guidelines, best practices, and recommendations for managing cybersecurity risk at an organizational level.

A captcha is a challenge-response test to determine if a user is a human. These tests are often based on visual-perception tasks.

Doxing is the malicious identification and online publication of information about an individual. It can include PII or other sensitive content.

Business Email Compromise (BEC) scams attempt to deceive organizations into sending money or sharing PII to a malicious actor.

Backups are a copy of a system or network’s data for file restoration or archival purposes and are essential for data protection and recovery.

Multi-factor authentication is a digital authentication method that requires two or more distinct authentication factors for successful authentication.

Malware is a malicious software that enters a system via email or suspicious websites.It is designed to perform malicious actions on a device.

Malicious email campaigns attempt to trick a recipient into revealing confidential information, downloading malware, or sending money.

A web attack targets vulnerabilities in websites to gain unauthorized access, obtain confidential information, introduce malicious content, and more.

What it is Spoofing occurs when cyber threat actors seek to disguise their true identity by falsifying the sender of the message in order to trick

What it is Bots are automated applications or scripts designed to perform repetitive tasks without requiring human input Overall, bot activity

Within the information security community, the term hacker does not always have a negative connotation and not all hacking is considered inherently bad.

What is it Social engineering is the use of deception to manipulate individuals into providing a particular response, generally for a fraudulent or

What is it An email bomb is an attack against an email inbox or server designed to overwhelm an inbox or inhibit the server’s normal function,

What is it Phishing occurs when malicious actors masquerade as legitimate entities during electronic communication in an attempt to compromise

1 2 3 4