The Center for Internet Security (CIS) is an independent, nonprofit organization whose mission is to generate confidence in the connected world. It achieves this by offering a broad range of cybersecurity solutions and tools.
The organization's main focus is helping to secure organizations through various tools and resources. Among the key offerings by CIS are the CIS Critical Security Controls that offer prioritized and streamlined best practices in cybersecurity management. CIS also encourages the participation of individuals and businesses in developing and maintaining these security controls via the CIS Controls Community.
CIS also provides a risk assessment process known as CIS RAM (Information Security Risk Assessment Method). This offers businesses an effective mechanism to evaluate the vulnerabilities and potential threats to the security of their information systems. In addition, CIS CSAT is a tool provided by the organization to measure and assess the efficiency of the implemented controls.
One unique feature of CIS is its CIS Benchmarks. These are vendor-neutral configuration guides, which number over 100 and aim to help businesses develop and update secure configuration guides. With the CIS-CATPro tool, businesses can also assess system conformance to these benchmarks.
In addition, CIS offers Hardened Images. These are virtual images that have been fortified according to the CIS Benchmarks and are readily available for use on cloud service provider marketplaces. The CIS SecureSuite is another significant product, an integrated set of cybersecurity tools and resources designed to aid in the implementation of CIS Benchmarks and CIS Controls.
Also, part of CIS's platform includes support for U.S. State, Local, Tribal, and Territorial Governments Memberships. With entities like MS-ISAC and EI-ISAC, the organization provides tailored cybersecurity resources, particularly geared towards election-focused cyber defense.
Verdict: CIS offers a comprehensive range of cybersecurity solutions and tools to help organizations strengthen their internet security. By providing tools for risk assessment, control implementation, vendor-neutral configuration, and cybersecurity resource communities, CIS is a robust resource for organizations keen on enhancing their cybersecurity practices.