Qilin Top Ransomware Threat to SLTTs in Q2 2025
In Q2 2025, Qilin became the most active ransomware targeting U.S. SLTT government entities. Read the CIS CTI team's analysis to learn more.
Blog Feed - Center for Internet Security
Top External Network Risks And How to Fix Them
Learn about the top external network risks and recommendations to harden configurations from the CIS Cyber Threat Intelligence team.
CIS Controls Ambassador Spotlight: Eric Woodard
The CIS Controls Ambassador program is an initiative of the CIS that focuses on enhancing the adoption of key cybersecurity best practices.
CIS Benchmarks August 2025 Update
Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for August 2025.
Critical Infrastructure Caught in a Botnet
Cyber threat actors frequently use a botnet in their efforts to target U.S. critical infrastructure. Read on for how to defend your networks.
5 Cyber Questions Sheriffs & Police Chiefs Should Ask
Cyber threat actors continue to target law enforcement agencies. Here are five cyber questions LE executives can ask to evaluate their defenses.
Applying CIS Benchmarks to Harden Windows 11 VDI Systems
Learn how the CIS IT team successfully implemented CIS Benchmarks in a Virtual Desktop Infrastructure (VDI) environment—specifically focusing on Windows 11.
Automating the CIS Controls with OSCAL
Automation for Controls: Meet OSCAL, the Open Security Controls Assessment Language OSCAL, also known as the Open Security Controls Assessment.
Top 10 Malware Q2 2025
Total malware notifications from MS-ISAC monitoring services decreased 18% from Q1 2025 to Q2 2025. Read our Top 10 Malware Q2 2025 for more.
CIS Benchmarks July 2025 Update
Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for July 2025.
What Makes CIS Hardened Images Secure Enough for the U.S. IC
How do U.S. IC organizations strengthen their cloud security in a way that meets their needs? See how the CIS Hardened Images® can help.
Lay a Cybersecurity Foundation and Master CIS Controls IG1
Today’s digital threats don’t discriminate by size or sector. Building a solid cybersecurity foundation is no longer optional—it’s essential.
CIS Benchmarks June 2025 Update
Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for June 2025.
How Threat Modeling, Actor Attribution Grow Cyber Defenses
Want to enhance your threat modeling? By combining it with threat actor attribution, you can improve your cyber defenses. Read on to learn more.
CIS Benchmarks May 2025 Update
Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for May 2025.
Top 10 Malware Q1 2025
In Q1 2025, the Top 10 Malware observed via the MS-ISAC® changed slightly from the previous quarter. Read our blog post to learn more.
Hacktivist Group DieNet Claims DDoS Attacks against U.S. CNI
DieNet is a hacktivist group that's claimed DDoS attacks against U.S. critical infrastructure. Read on to learn its ideology and attack activity.
CIS Benchmarks April 2025 Update
Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for April 2025.
FFIEC CAT Sunset: What You Need to Know
How are you preparing for the sunset of the FFIEC CAT? Read on to learn how another framework can guide you through this change.
DeepSeek: A New Player in the Global AI Race
CIS analysts break down the rise of DeepSeek, a GenAI model that collects data and introduces security risks for users.
Industry news, product updates, videos, infographics, and more from CIS.