CIS Hardened Images are now in the AWS European Sovereign Cloud. Learn how this can help you to reduce risk, improve consistency, and more.

Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for January 2026.

CIS is making security in the cloud even easier for you by releasing a CIS hardening component in EC2 Image Builder on Amazon Web Services (AWS).

The MS-ISAC provides the only nationwide network dedicated to cybersecurity collaboration in the U.S. SLTT community. Read on to learn more.

In October 2025, CIS CTI observed a rise in CIS MDR alerts associated with Crystal PDF on U.S. SLTT endpoints. Here's how to defend yourself.

Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for December 2025.

Looking to automate Azure Linux hardening and streamline hybrid security? Learn how to do it at scale with Azure OSConfig and the CIS Benchmarks.

The November 2025 CIS Benchmarks monthly update highlights the CIS Benchmarks and CIS Build Kits that have been updated or recently released.

CIS and CyberAcuView have launched Control Assist, an initiative designed to simplify cyber insurance and strengthen cybersecurity for SMBs.

The adoption of a fee-based membership model has had minimal and in some aspects positive impact on MS-ISAC CTI. Read our blog to learn more.

Total malware notifications from MS-ISAC monitoring services increased 38% from Q2 to Q3 2025. Learn more by reading our Top 10 Malware list.

What does 2026 have in store for cybersecurity? Read our experts' 2026 cybersecurity predictions to find out and get planning.

We've highlighted the major updates for CIS Benchmarks and CIS Build Kits in the Benchmarks Monthly Update for October 2025.

The CIS CTI team saw an uptick in member-submitted phishing emails in Q3 2025. Learn the overlap these emails have with the Tycoon2FA PhaaS kit.

Secure by Design offers practical, risk-based strategies for integrating security into the software development lifecycle.

The CIS CTI tracked two ClickFix campaigns between January 2025 and October 2025. Learn more about them and how to defend yourself.

Looking to simplify security management and accelerate audits? Read our blog post to learn how our CIS SecureSuite Platform can help!

Learn how to accelerate your healthcare compliance with CIS Hardened Images and CIS SecureSuite for secure, audit-ready cloud environments.

Explore how reasonable cybersecurity is evolving from a legal concept into a practical standard for protecting systems and consumer data.

Discover how CIS Benchmarks and CIS Controls help energy and utility companies strengthen cybersecurity across IT and OT environments.

The following CIS Benchmarks and CIS Build Kits have been updated or recently released. We've highlighted the major updates below.

In Q2 2025, Qilin became the most active ransomware targeting U.S. SLTT government entities. Read the CIS CTI team's analysis to learn more.

Learn about the top external network risks and recommendations to harden configurations from the CIS Cyber Threat Intelligence team.

The CIS Controls Ambassador program is an initiative of the CIS that focuses on enhancing the adoption of key cybersecurity best practices.

Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for August 2025.

Cyber threat actors continue to target law enforcement agencies. Here are five cyber questions LE executives can ask to evaluate their defenses.

Cyber threat actors frequently use a botnet in their efforts to target U.S. critical infrastructure. Read on for how to defend your networks.

Learn how the CIS IT team successfully implemented CIS Benchmarks in a Virtual Desktop Infrastructure (VDI) environment—specifically focusing on Windows 11.

Automation for Controls: Meet OSCAL, the Open Security Controls Assessment Language OSCAL, also known as the Open Security Controls Assessment.

Total malware notifications from MS-ISAC monitoring services decreased 18% from Q1 2025 to Q2 2025. Read our Top 10 Malware Q2 2025 for more.

Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for July 2025.

How do U.S. IC organizations strengthen their cloud security in a way that meets their needs? See how the CIS Hardened Images® can help.

Today’s digital threats don’t discriminate by size or sector. Building a solid cybersecurity foundation is no longer optional—it’s essential.

Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for June 2025.

Want to enhance your threat modeling? By combining it with threat actor attribution, you can improve your cyber defenses. Read on to learn more.

Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for May 2025.

In Q1 2025, the Top 10 Malware observed via the MS-ISAC® changed slightly from the previous quarter. Read our blog post to learn more.

DieNet is a hacktivist group that's claimed DDoS attacks against U.S. critical infrastructure. Read on to learn its ideology and attack activity.

Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for April 2025.

How are you preparing for the sunset of the FFIEC CAT? Read on to learn how another framework can guide you through this change.

CIS analysts break down the rise of DeepSeek, a GenAI model that collects data and introduces security risks for users.

The CIS CTI team spotted a Lumma Stealer campaign where SLTT victims were redirected to malicious webpages delivering fake CAPTCHA verifications.

Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for March 2025.

Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for February 2025.

In Q4 2024, the Top 10 Malware observed by the MS-ISAC® changed slightly from the previous quarter. Here are the malware that topped our list.

Here is an overview of the CIS Benchmarks that the Center for Internet Security updated or released for January 2025.

In H2 2024, the CIS CTI team found weak security configurations through passive scans of customers' external networks. Here's how to stay secure.

Here is an overview of the CIS Benchmarks that the Center for Internet Security updated or released for December 2024.

The Lynx ransomware group targeted multiple U.S. facilities in 2024. Here's how your facility can strengthen your defenses against threats like Lynx.

The CIS CTI team responded to member incident reports and monitored reporting trends around the 2024 General Election. Here's what the team observed.