Why CIS Solutions Join CIS Resources
CIS WorkBench Sign-in CIS WorkBench Sign In CIS Hardened Images CIS Hardened Images Support CIS Support


Who We Are

CIS is an independent, nonprofit organization with a mission to create confidence in the connected world

About Us Leadership Principles Testimonials


secure your organization
Secure Your Organization

secure specific platforms
Secure Specific Platforms

cis securesuite CIS SecureSuite® Learn More      Apply Now  
u s state local tribal and territorial governments
U.S. State, Local, Tribal & Territorial Governments

View All Products & Services  

Join CIS

Get Involved

Join CIS as a member, partner, or volunteer - or explore our career opportunities

CIS SecureSuite® Membership Multi-State ISAC (MS-ISAC®) Elections Infrastructure ISAC (EI-ISAC®) CIS CyberMarket® Vendors CIS Communities Careers




filter by topic
Filter by Topic

View All Resources  
CIS Logo Show Search Expand Menu

CIS Controls v8

CIS Critical Security Controls v8 offers prescriptive, prioritized, and simplified cybersecurity best practices that provide a clear path to improve an organization’s cyber defense program.

The presentation of each Control in this document includes the following elements:

  • Overview. A brief description of the intent of the Control and its utility as a defensive action
  • Why is this Control critical? A description of the importance of this Control in blocking, mitigating, or identifying attacks, and an explanation of how attackers actively exploit the absence of this Control
  • Procedures and tools. A more technical description of the processes and technologies that enable implementation and automation of this Control
  • Safeguard descriptions. A table of the specific actions that enterprises should take to implement the Control