How Secure by Design Helps Developers Build Secure Software
Secure by Design offers practical, risk-based strategies for integrating security into the software development lifecycle.
Blog Feed - Center for Internet Security
ClickFix: An Adaptive Social Engineering Technique
The CIS CTI tracked two ClickFix campaigns between January 2025 and October 2025. Learn more about them and how to defend yourself.
Simplify Security Management with CIS SecureSuite Platform
Looking to simplify security management and accelerate audits? Read our blog post to learn how our CIS SecureSuite Platform can help!
Building a Secure Cloud Foundation for Healthcare with CIS
Learn how to accelerate your healthcare compliance with CIS Hardened Images and CIS SecureSuite for secure, audit-ready cloud environments.
Intune and M365 Support Now Included in CIS Build Kits
Learn how to streamline security with the CIS SecureSuite Platform and new Intune/M365 Build Kits — plus audit-ready reporting tools.
Reasonable Cybersecurity: From Legal Theory to Practice
Explore how reasonable cybersecurity is evolving from a legal concept into a practical standard for protecting systems and consumer data.
Reasonable Cybersecurity: From Legal Theory to Practice
Explore how reasonable cybersecurity is evolving from a legal concept into a practical standard for protecting systems and consumer data.
CIS Helps Strengthen Cybersecurity in Energy & Utilities
Discover how CIS Benchmarks and CIS Controls help energy and utility companies strengthen cybersecurity across IT and OT environments.
CIS Helps Strengthen Cybersecurity in Energy & Utilities
Discover how CIS Benchmarks and CIS Controls help energy and utility companies strengthen cybersecurity across IT and OT environments.
CIS Benchmarks Monthly Update September 2025
The following CIS Benchmarks and CIS Build Kits have been updated or recently released. We've highlighted the major updates below.
CIS Benchmarks Monthly Update September 2025
The following CIS Benchmarks and CIS Build Kits have been updated or recently released. We've highlighted the major updates below.
Qilin Top Ransomware Threat to SLTTs in Q2 2025
In Q2 2025, Qilin became the most active ransomware targeting U.S. SLTT government entities. Read the CIS CTI team's analysis to learn more.
Qilin Top Ransomware Threat to SLTTs in Q2 2025
In Q2 2025, Qilin became the most active ransomware targeting U.S. SLTT government entities. Read the CIS CTI team's analysis to learn more.
Top External Network Risks And How to Fix Them
Learn about the top external network risks and recommendations to harden configurations from the CIS Cyber Threat Intelligence team.
Top External Network Risks And How to Fix Them
Learn about the top external network risks and recommendations to harden configurations from the CIS Cyber Threat Intelligence team.
CIS Controls Ambassador Spotlight: Eric Woodard
The CIS Controls Ambassador program is an initiative of the CIS that focuses on enhancing the adoption of key cybersecurity best practices.
CIS Controls Ambassador Spotlight: Eric Woodard
The CIS Controls Ambassador program is an initiative of the CIS that focuses on enhancing the adoption of key cybersecurity best practices.
CIS Benchmarks August 2025 Update
Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for August 2025.
CIS Benchmarks August 2025 Update
Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for August 2025.
Critical Infrastructure Caught in a Botnet
Cyber threat actors frequently use a botnet in their efforts to target U.S. critical infrastructure. Read on for how to defend your networks.
Industry news, product updates, videos, infographics, and more from CIS.