The Center for Internet Security (CIS) is a 501(c)(3) nonprofit organization, formed in October, 2000. Its mission is to "identify, develop, validate, promote, and sustain best practice solutions for cyber defense and build and lead communities to enable an environment of trust in cyberspace". The organization is headquartered in East Greenbush, New York, with members including large corporations, government agencies, and academic institutions.
CIS employs a closed crowdsourcing model to identify and refine effective security measures, with individuals developing recommendations that are shared with the community for evaluation through a consensus decision-making process. At the national and international level, CIS plays an important role in forming security policies and decisions by maintaining the CIS Controls and CIS Benchmarks, and hosting the Multi-State Information Sharing and Analysis Center (MS-ISAC).
CIS has several program areas, including MS-ISAC, CIS Controls, CIS Benchmarks, CIS Communities, and CIS CyberMarket. Through these program areas, CIS works with a wide range of entities, including those in academia, the government, and both the private sector and general public to increase their online security by providing them with products and services that improve security efficiency and effectiveness.
The Multi-State Information Sharing and Analysis Center (MS-ISAC) is a "round-the-clock cyber threat monitoring and mitigation center for state and local governments" operated by CIS as a partnership with the Office of Cybersecurity and Communications in the United States Department of Homeland Security (DHS). MS-ISAC was established in late 2002, and officially launched in January 2003, by William F. Pelgrin, then Chief Security Officer of the state of New York. Beginning from a small group of participating states in the Northeast, MS-ISAC came to include all 50 U.S. States and the District of Columbia, as well as U.S. Territorial, Tribal, and Local governments. In order to facilitate its expanding scope, in late 2010 MS-ISAC "transitioned into a not-for-profit status under the auspices of the Center for Internet Security", a transition facilitated by CIS having "an established reputation for providing cybersecurity resources to the public and private sectors".
MS-ISAC "helps government agencies combat cyberthreats and works closely with federal law enforcement", and is designated by DHS as a key cyber security resource for the nation's State, Local, Territorial, and Tribal (SLTT) governments. The MS-ISAC 24x7 cyber security operations center performs network monitoring, issues early cyber threat warnings and advisories, and performs vulnerability identification and mitigation as well as incident response.
The main objectives of MS-ISAC are described as follows:
CIS Controls and CIS Benchmarks provide global standards for internet security, and are a recognized global standard and best practices for securing IT systems and data against attacks. CIS maintains "The CIS Controls", a popular set of 20 security controls "which map to many compliance standards", and are applicable to the Internet of things. Through an independent consensus process, CIS Benchmarks provide frameworks to help organizations bolster their security. CIS offers a variety of free resources, which include "secure configuration benchmarks, automated configuration assessment tools and content, security metrics and security software product certifications".
The CIS Controls advocate "a defense-in-depth model to help prevent and detect malware". A May 2017 study showed that "on average, organizations fail 55% of compliance checks established by the Center for Internet Security", with more than half of these violations being high severity issues. In March 2015, CIS launched CIS Hardened Images for Amazon Web Services, in response to "a growing concern surrounding the data safety of information housed on virtual servers in the cloud". The resources were made available as Amazon Machine Images, for six "CIS benchmarks-hardened systems", including Microsoft Windows, Linux and Ubuntu, with additional images and cloud providers added later. CIS released Companion Guides to CIS Controls, recommendations for actions to counter cybersecurity attacks, with new guides having been released in October and December 2015.
CIS Benchmarks are a collaboration of the Consensus Community and CIS SecureSuite members (a class of CIS members with access to additional sets of tools and resources). The Consensus Community is made up of experts in the field of IT security who use their knowledge and experience to help the global Internet community. CIS SecureSuite members are made up of several different types of companies ranging in size, including government agencies, colleges and universities, nonprofits, IT auditors and consultants, security software vendors and other organizations. CIS Benchmarks and other tools that CIS provides at no cost allow IT workers to create reports that compares their system security to universal consensus standard. This fosters a new structure for internet security that everyone is accountable for that is shared by top executives, technology professionals and other internet users throughout the globe. Further, CIS provides internet security tools with a scoring feature that rates the configuration security of the system at hand. For example, CIS provides SecureSuite members with access to CIS-CAT Pro, a "cross-platform Java app" which scans target systems and "produces a report comparing your settings to the published benchmarks". This is intended to encourage and motivate users to improve the scores given by the software, which bolsters the security of their internet and systems. The universal consensus standard that CIS employs draws upon and uses the accumulated knowledge of skillful technology professionals. Since internet security professionals volunteer in contributing to this consensus, this reduces costs for CIS and makes it cost effective.
CIS CyberMarket is a "collaborative purchasing program that serves U.S. State, Local, Tribal, and Territorial (SLTT) government organizations, nonprofit entities, and public health and education institutions to improve cybersecurity through cost-effective group procurement". The intent of the CIS CyberMarket is to combine the purchasing power of governmental and nonprofit sectors to help participants improve their cybersecurity condition at a lower cost than they would have been able to attain on their own. The program assists with the "time intensive, costly, complex, and daunting" task of maintaining cybersecurity by working with the public and private sectors to bring their partners cost-effective tools and services. The combined purchasing opportunities are reviewed by domain experts.
There are three main objectives of the CIS CyberMarket:
CIS CyberMarket, like the MS-ISAC, serves government entities and non-profits in achieving greater cyber security. On its "resources" page, multiple newsletters and documents are available free of charge, including the "Cybersecurity Handbook for Cities and Counties".
CIS Communities are "a volunteer, global community of IT professionals" who "continuously refine and verify" CIS best practices and cybersecurity tools. To develop and structure its benchmarks, CIS uses a strategy in which members of the organization first form into teams. These teams then each collect suggestions, advice, official work and recommendations from a few participating organizations. Then, the teams analyze their data and information to determine what the most vital configuration settings are that would improve internet system security the most in as many work settings as possible. Each member of a team constantly works with their teammates and critically analyzes and critiques a rough draft until a consensus forms among the team. Before the benchmark is released to the general public, they are available for download and testing among the community. After reviewing all of the feedback from testing and making any necessary adjustments or changes, the final benchmark and other relevant security tools are made available to the public for download through the CIS website. This process is so extensive and is so carefully executed that thousands of security professionals across the globe participate in it. According to ISACA, "during the development of the CIS Benchmark for Sun Microsystems Solaris, more than 2,500 users downloaded the benchmark and monitoring tools."
The organizations that participated in the founding of CIS in October, 2000 include ISACA, the American Institute of Certified Public Accountants (AICPA), the Institute of Internal Auditors (IIA), the International Information Systems Security Certification Consortium (ISC2) and the SANS Institute (System Administration, Networking and Security). CIS has since grown to have hundreds of members with varying degrees of membership, and cooperates and works with a variety of organizations and members at both the national and international levels. Some of these organizations include those in both the public and private sectors, government, ISACs and law enforcement.
See more here:
Center for Internet Security - Wikipedia
- The Internet: Looking Back and Forward 50 Years - Security Boulevard - November 18th, 2019
- Internet security Market Outlook 2019: Business Overview And Top Company Analysis Forecast By 2026 - The Market Publicist - November 18th, 2019
- Cybersecurity and digital trade: What role for international trade rules? - Brookings Institution - November 18th, 2019
- The American Internet Sucks. The Alternative Is China. - BuzzFeed News - November 18th, 2019
- 3 types of email you should never open - AndroidPIT - November 18th, 2019
- When will 5G arrive? - Verizon Communications - November 18th, 2019
- New Bytecode Alliance Brings the Security, Ubiquity, and Interoperability of the Web to the World of Pervasive Computing - Mozilla & Firefox - November 18th, 2019
- Kaspersky Internet Security 2021 18.104.22.1687 - 60% OFF ... - October 23rd, 2019
- Securing Your Wireless Network | FTC Consumer Information - October 14th, 2019
- Amazon.com: Kaspersky Internet Security | 1 Device | 1 ... - October 1st, 2019
- Download ESET Internet Security | ESET - September 30th, 2019
- VPN Publishes Forbes Internet Security Guide for Law Firms - September 18th, 2019
- Avast Internet Security 2019 v19.7.2388 Activation Code ... - September 18th, 2019
- Trend Micro - Simply Security News, Views and Opinions from ... - May 30th, 2019
- Kaspersky Internet Security - Wikipedia - May 13th, 2019
- Anti-Virus Web Protection & Spyware Removal | StopSign ... - May 13th, 2019
- Internet security Great-West Life - ssl.grsaccess.com - March 22nd, 2019
- Download COMODO Internet Security 22.214.171.12444 - softpedia.com - January 31st, 2019
- Avast Internet Security Review 2018 - We Hate Malware - November 8th, 2018
- Security Packages | High-Speed Internet | Windstream - November 8th, 2018
- Antivirus vs Internet Security [Security Software Comparison] - November 8th, 2018
- Internet Security Lectures by Prabhaker Mateti - November 8th, 2018
- Vipre Internet Security 2016 Free Download - Softlay - November 8th, 2018
- Internet security software Reviews 2018 - Compared & Reviewed - November 2nd, 2018
- Exhibit A - Internet Security Requirements - November 2nd, 2018
- CIS Benchmarks - Center for Internet Security - November 2nd, 2018
- Kaspersky Internet Security 2018 Crack + License Key [Latest] - October 12th, 2018
- Zillya! Internet Security | Best Security Solution for Active ... - October 12th, 2018
- Download Norton Internet Security 126.96.36.199 - softpedia.com - October 9th, 2018
- Avast Internet Security 2018 Activation Code, Serial Key Till ... - October 9th, 2018
- Download Avast Internet Security 18.6.2349 Build 18.6.3983 ... - October 9th, 2018
- Download McAfee Internet Security 19.0 Build 19.0.4016 - October 3rd, 2018
- AVG Internet Security 2018 Free Download - FileHippo - October 3rd, 2018
- Internet Security - Quick Heal - October 3rd, 2018
- Kaspersky Internet Security 2019 v188.8.131.528 | Software ... - October 3rd, 2018
- VIPRE Internet Security Review & Comparison - September 22nd, 2018
- Internet Security Suite | Verizon Internet - September 20th, 2018
- Antivirus Security Software & Internet Security - Newegg.com - September 19th, 2018
- Amazon Best Sellers: Best Internet Security Suites - September 7th, 2018
- Download Bitdefender Internet Security 2019 184.108.40.206 - August 24th, 2018
- Best (and Worst) Internet Security Software of 2018 for Windows - August 18th, 2018
- Amazon.com: Kaspersky Internet Security 2018 | 3 Device | 1 ... - August 8th, 2018
- AVG Internet Security - Free download and software reviews ... - August 3rd, 2018
- Top 3 Internet Security Software Suites Reviews ... - July 26th, 2018
- GRC | LeakTest -- Firewall Leakage Tester - July 26th, 2018
- Internet Security is an important part of Identity Theft ... - June 22nd, 2018
- V3 Internet Security | AhnLab - June 22nd, 2018
- Internet Security with Xfinity - Norton Security Online - June 17th, 2018
- Best Internet Security Software Compared - May 25th, 2018
- Computer and internet security software Chili Security - May 21st, 2018
- Internet Security Market Size, Share and Technology, 2021 - May 21st, 2018
- Download Webroot SecureAnywhere Antivirus & Internet ... - May 1st, 2018
- AVG Internet Security 2018 review | Ultimate antivirus ... - April 29th, 2018
- The Internet Security Academy - SAHCOM Technologies LLP - April 27th, 2018
- These files can't be opened. Your Internet security ... - April 20th, 2018
- How to Uninstall Norton Internet Security: 12 Steps - April 20th, 2018
- Internet Security Software at Office Depot OfficeMax - April 19th, 2018
- Why is Internet security important? | Reference.com - March 26th, 2018
- AVG Internet Security Unlimited 2018 18.2.3827 20% OFF ... - March 25th, 2018
- Trend Micro Titanium Internet Security - Download - March 21st, 2018
- Kaspersky Mobile Antivirus: AppLock & Web Security ... - March 21st, 2018
- Why do I Need Internet Security - The High Tech Society - March 21st, 2018
- Cincinnati Bell - Other Services Support - March 21st, 2018
- Internet Security Essentials for Business 2.0 | U.S ... - March 21st, 2018
- ESET Internet Security 10.0.386.0 Crack + License Keys ... - March 21st, 2018
- Privacy and Security in the Internet Age | WIRED - March 19th, 2018
- News & Events | K9 Web Protection - Free Internet Filter ... - March 19th, 2018
- 10 Internet Security Programs (for Windows), Ranked Best ... - March 7th, 2018
- AVG Internet Security 2015 Free Download - getintopc.com - March 3rd, 2018
- McAfee Internet Security Download - softpedia.com - February 28th, 2018
- COMODO Internet Security Download - softpedia.com - January 30th, 2018
- Best Internet Security Software 2018 - The best rated ... - January 28th, 2018
- Comodo Antivirus - Best Virus Removal Software 2018 - January 13th, 2018
- ZoneAlarm Antivirus Software | Virus Protection & Firewall - January 13th, 2018
- What Is the Meaning of Internet Security? | Techwalla.com - January 12th, 2018
- Download Avast Internet Security 17.7.2314 - FileHippo.com - January 12th, 2018
- Vipre Antivirus VIPRE Internet Security - January 12th, 2018
- AVG Internet Security 2018 License Key With Crack Full Version - January 8th, 2018
- CA Internet Security Suite Plus - Download - December 27th, 2017
- Collaborative Security: An approach to tackling Internet ... - December 27th, 2017