CIS makes the connected world a safer place for people, businesses, and governments through our core competencies of collaboration and innovation.
Joined April 2009
- Tweets 47,610
- Following 1,531
- Followers 43,255
- Likes 4,351
7,374 Photos and videos
What we're seeing with AI-driven vulnerability discovery might not be able to entirely "drain the swamp" of vulnerabilities. But it can still help significantly lower vulnerabilities in our attack surface. Listen to learn more. bit.ly/4utFGbx
2
305
The authors of Verizon's DBIR turn to Implementation Group 1 of the CIS Controls because it provides a "grounding foundation" for process, not just technology. Listen to episode 188 of our podcast to learn more. bit.ly/4e3qXPO
1
2
431
CIS ThreatWA supports journalists with timely threat analysis and mitigation guidance you can reference confidently without vendor spin. bit.ly/3SbHl85
2
1
373
This blog outlines practical considerations for managing agent behavior securely, including validation, monitoring, and governance strategies you can apply today. bit.ly/49qqmVy
1
3
467
Check out the newly released and recently updated CIS Benchmarks along with two brand new CIS Build Kits. bit.ly/43umUpo
7
320
Here are 5 practical steps city leaders and IT teams can take before a major event to reduce risk and improve readiness. bit.ly/3PNQlj4
2
340
AI, real-world events, and distributed environments are reshaping cyber risk. Explore these challenges facing public and private organizations in the Spring 2026 issue of Cybersecurity Quarterly.
1
326
When false active shooter reports hit college campuses, information sharing matters. This case study shows how coordinated threat intelligence helped reduce confusion and support safer responses during swatting incidents. bit.ly/4tAlTa0
1
363
When we're talking "AI safety" vs. "AI security," it's a little bit like the shared responsibility in the cloud. The former falls mostly to the vendor, but the latter is on you. Listen to our podcast to learn more. bit.ly/4twudHT
1
291
Join us tomorrow to learn how to secure each layer of the AI stack.
1
271
It's a fallacy to think we'd all be wise and know what to do if we just "shared" security incidents. We need to translate these security incidents into something IT folks can do or business processes that protect what matters most. Listen to our podcast for further insights.
1
298
Cybersecurity is a collective effort. In a recent Technology Record feature, CIS highlights how alignment across the Azure ecosystem helps turn best practices into real security outcomes.
1
2
336
Drones are bypassing traditional event security. Our guide examines evolving UAS threats to large-scale public gatherings, and what public safety leaders should plan for now.
1
2
313
As a human, you're the actual intelligence in AI. Which means you're responsible for providing the right context and input to get the possible result. Listen to Episode 182 Cybersecurity Where You Are to hear from our CISO and CTIO.
2
303
Tony Sager has spent decades helping organizations navigate major shifts in cybersecurity. His message on Mythos AI is consistent and steady.
1
2
372
As funding models shift, SLTT organizations can leverage MS-ISAC for collaboration, threat intel, and tailored services. Learn more in the Spring 2026 issue of Cybersecurity Quarterly:
1
5
539
Cybersecurity is stronger when we work together. The Spring 2026 Cybersecurity Quarterly explores how CIS, members, and partners are collaborating to secure our connected world.
10
2
10
93,770
Our CTI team observed an ongoing campaign where threat actors are attempting to trick users into downloading remote monitoring and management tools so that they gain unauthorized access to systems. Learn what the campaign entails.
3
8
11
259,379
Our report highlights how recent rail sabotage tied to major global events signals elevated risk heading into the 2026 World Cup. Learn key trends, threat actors, and actionable guidance for transit security.
5
7
151,629
- Persistent remote access
- Hands-on-keyboard activity
- Credential theft
- Additional payload delivery
This is what threat actors gain from abusing legitimate remote monitoring and management software. Read our analysis of a Vimeo-themed phishing campaign using this technique.
5
1
5
73,394