About us

The Center for Internet Security, Inc. (CIS^®) makes the connected world a safer place for people, businesses, and governments through our core competencies of collaboration and innovation.

We are a community-driven nonprofit, responsible for the CIS Controls^® and CIS Benchmarks^™, globally recognized best practices for securing IT systems and data. We lead a global community of IT professionals to continuously evolve these standards and provide products and services to proactively safeguard against emerging threats. Our CIS Hardened Images® provide secure, on-demand, scalable computing environments in the cloud.

CIS is home to the Multi-State Information Sharing and Analysis Center^® (MS-ISAC^®), the trusted resource for cyber threat prevention, protection, response, and recovery for U.S. State, Local, Tribal, and Territorial government entities, and the Elections Infrastructure Information Sharing and Analysis Center^® (EI-ISAC^®), which supports the rapidly changing cybersecurity needs of U.S. elections offices.

Our Commitment 

CIS operates as a mission driven, nonprofit organization dedicated to making the connected world a safer place. Our employees adhere to our Code of Ethics, Leadership Principles, and Code of Conduct, consistent with our collaborative, nonpartisan, vendor-agnostic operating model. These values guide our decisions and actions and build trust in our capabilities, enabling us to achieve our mission.

The CIS Vision

Leading the global community to secure our ever-changing connected world.

The CIS Mission

Our mission is to make the connected world a safer place by developing, validating, and promoting timely best practice solutions that help people, businesses, and governments protect themselves against pervasive cyber threats.

CIS Funding

CIS receives funding through various means, including direct sales of various cybersecurity best practices tools and resources, like CIS SecureSuite Membership and CIS Hardened Images, and cybersecurity services like CIS Endpoint Security Services. CIS also receives funding from various government and non-profit grant programs designed to improve the overall cybersecurity posture of U.S. State, Local, Tribal, and Territorial government organizations. CIS operates the Multi-State and Elections Infrastructure Information Sharing and Analysis Centers (MS-ISAC and EI-ISAC) in a cost-share model including federal funding and CIS funds. Information about CIS funding through a Cooperative Agreement with Congressional  federal fiscal year 2023 appropriations can be found here (page 57-58 addresses the MS-ISAC).

CIS Celebrates 20 Years

Back in August of 2000, a small group of business and government leaders met at the legendary Cosmos Club in Washington, D.C. to discuss a concerning rash of cyber-attacks. From that meeting and others, a vision emerged for an independent, mission-driven, nonprofit organization dedicated to preventing and mitigating new cyber threats.

Today, CIS is the embodiment of that vision. Over the course of 20 years, we have been privileged to work with some of the best minds in the cybersecurity and IT professions. Through a global, collaborative effort, we have developed world-class standards in the form of the CIS Controls and CIS Benchmarks, along with specialized technology tools to help security practitioners implement and manage their cyber defenses.

Blog post: CIS Celebrating 20 Years of Cybersecurity

Watch our anniversary video and read CIS Chief Evangelist, Tony Sager’s special anniversary post.