×
Why CIS Solutions Join CIS Resources
CIS WorkBench Sign-in CIS WorkBench Sign In Cloud Security CIS Cloud Security Support CIS Support


Why CIS

Who We Are

CIS is an independent, nonprofit organization with a mission to create confidence in the connected world



About Us Leadership Principles Testimonials

Solutions

secure your organization
Secure Your Organization


secure specific platforms
Secure Specific Platforms


cis securesuite CIS SecureSuite®
u s state local tribal and territorial governments
U.S. State, Local, Tribal & Territorial Governments


View All Products & Services  

Join CIS

Get Involved

Join CIS as a member, partner, or volunteer - or explore our career opportunities



CIS SecureSuite® Membership Multi-State ISAC (MS-ISAC®) Elections Infrastructure ISAC (EI-ISAC®) CIS CyberMarket® Vendors CIS Communities Careers

Resources

resources
Secure Your Organization


learn
Learn


filter by topic
Filter by Topic


View All Resources  
CIS Logo Show Search Expand Menu

CIS Controls v8

CIS Controls v8 offers prescriptive, prioritized, and simplified cybersecurity best practices that provide a clear path to improve an organization’s cyber defense program.

The presentation of each Control in this document includes the following elements:

  • Overview. A brief description of the intent of the Control and its utility as a defensive action
  • Why is this Control critical? A description of the importance of this Control in blocking, mitigating, or identifying attacks, and an explanation of how attackers actively exploit the absence of this Control
  • Procedures and tools. A more technical description of the processes and technologies that enable implementation and automation of this Control
  • Safeguard descriptions. A table of the specific actions that enterprises should take to implement the Control

CIS-Controls-v8-Cover