← Back to Organizations

Center for Internet Security

Non-profit for cyber defense best practices

foundation

Center for Internet Security: Enhancing Cyber Defense Best Practices

Organization Overview and Mission

The Center for Internet Security (CIS) is a non-profit organization dedicated to helping organizations improve their cybersecurity posture. Founded in 2000, CIS brings together a community of cybersecurity experts and practitioners to develop best practices and standards that enhance the security of information systems. Their mission is to promote a safe and secure online environment through collaborative efforts and community engagement.

Their Role in the Migration/Technology Ecosystem

CIS plays a critical role in the technology ecosystem by providing frameworks and guidelines that help organizations navigate the complexities of cybersecurity during migrations. As teams transition their infrastructure, whether to cloud-based services or new on-premise systems, CIS offers the tools and insights necessary to ensure security remains a priority.

Key Publications and Contributions

CIS is renowned for its contributions to the field of cybersecurity, particularly through the following key publications:

  • CIS Controls: A set of prioritized cybersecurity best practices that help organizations defend against the most pervasive attacks. The latest version includes 18 controls that focus on key areas of risk management.
  • CIS Benchmarks: Configuration guidelines for securing various technologies, including operating systems, applications, and cloud environments. These benchmarks are developed through a consensus-driven process and are widely recognized as standards for secure configurations.
  • CIS Cybersecurity Self-Assessment Tool (CSAT): A free tool that helps organizations assess their cybersecurity practices against the CIS Controls, allowing teams to identify strengths and weaknesses.

Standards or Best Practices They Maintain

CIS maintains several important standards and best practices that are crucial for organizations, especially during migrations:

  • CIS Controls: These controls provide a prioritized set of actions that organizations can take to mitigate cyber threats effectively.
  • CIS Benchmarks: These are specific configuration guidelines aimed at securing systems and applications. They cover a wide range of technologies including cloud services, databases, and network devices.
  • CIS Implementation Groups (IGs): These groups categorize the CIS Controls into three implementation groups based on the size and cybersecurity maturity of the organization, making it easier for teams to adopt relevant practices.

How Their Work Helps Migration Teams

Migration teams benefit significantly from CIS resources in several ways:

  • Security Framework: As teams transition systems, CIS provides a security framework to identify risks and implement best practices that protect sensitive data.
  • Risk Mitigation: By following CIS Controls and Benchmarks, teams can mitigate potential security risks associated with migrating to new technologies or cloud environments.
  • Community Resources: CIS fosters collaboration among cybersecurity professionals, providing forums and discussion groups where teams can share insights and strategies related to migrations.

Certifications or Programs They Offer

CIS also offers several certifications and programs:

  • CIS SecureSuite Membership: This program grants access to a wide range of resources, including CIS Benchmarks, tools, and training materials.
  • CIS Cybersecurity Assessment: Organizations can engage in assessments to measure their adherence to CIS Controls, helping them understand their cybersecurity posture and areas for improvement.

How to Engage with Their Resources

Engaging with CIS resources is straightforward:

  1. Visit the Website: Access CISecurity.org to explore various resources, including publications, tools, and membership options.
  2. Download Resources: Many CIS publications, including the CIS Controls and Benchmarks, are available for free download.
  3. Join the Community: Participate in forums and discussions to connect with other cybersecurity professionals and share knowledge.
  4. Utilize Tools: Make use of the CIS Cybersecurity Self-Assessment Tool (CSAT) to evaluate your organization’s cybersecurity practices and identify improvement areas.

In conclusion, the Center for Internet Security plays a vital role in enhancing cybersecurity practices that are crucial for successful software migrations. By leveraging their comprehensive guidelines and community resources, teams can execute migrations with confidence, ensuring that security remains a top priority throughout the process.