2017: New Year’s Resolutions for a CISO

By the Intel & Analysis Working Group (I&AWG) 

Year after year on January 1st we start fresh by taking time to reevaluate our lives; we determine where we are and think about where we'd eventually like to be at year’s end. This recurring tradition usually involves creating a list of resolutions that will be used as a guide to help navigate our way through another 365 days of living happier, healthier, and more efficient lives.

This entry was posted in CISO on January 20, 2017 by MS-ISAC

2016: By The Numbers (Infographic)

2016 was a year to remember at CIS.

This entry was posted in CIS on January 09, 2017 by Kimberly K

Security Benchmarks Update: Where is Windows Server 2016?


2016 was an awesome year for the CIS Windows community. Thanks to the enthusiastic participation from our community members, we have been able to roll out major updates for several CIS Security Benchmarks.

This entry was posted in Windows Server 2016 on December 19, 2016 by Jordan R

Phishing: Pause Before You Click

Although not a new phenomenon, phishing (attempting to obtain sensitive information or money by masquerading as a trustworthy entity via email) is more common than you might think. Phishing continues to be a pervasive cybersecurity issue in an online environment in which over 205 billion emails are sent daily.

This entry was posted in Phishing on December 05, 2016 by Kimberly K

End-of-Support Software Report List

10/1/2016 to 6/30/2017 

The importance of updating software before its End-of-Life (EOL) and End-of-Support (EOS) should not be taken lightly or ignored. EOL occurs when the software is retired, although the vendor/manufacturer can (and generally does) continue to support the software until the EOS date. EOS occurs when software updates, patches, and other forms of support are no longer offered, resulting in software becoming prone to future security vulnerabilities. Vendors and manufacturers often use these terms interchangeably, although different vendors and manufacturers may have slightly different definitions for EOL and EOS. For this reason, it is important to check with the individual vendor/manufacturer.

This entry was posted in End-of-Support / End-of-Life Report on November 30, 2016 by MS-ISAC

Cyber Extortion: An Industry Hot Topic

By Chris Cooley, Cyber Intelligence Analyst 

Some traditional cybercriminals have seemingly left the art of stealing credit cards and personally identifiable information (PII) for a simpler tactic – cyber extortion – where they use threats to demand victims’ money rather than steal it. While highly discussed, cyber extortion continues to gain traction as a multi-million dollar criminal industry. Over the last year, state and local governments, along with law enforcement and health care organizations, have not evaded its path.

on November 23, 2016 by MS-ISAC

Cyber Monday Survival Guide

Cyber Monday is just around the corner and we want you to be safe while shopping online. Use our survival guide to make sure you're not putting your personal information at risk while taking advantage of great deals.

This entry was posted in safety tip on November 18, 2016 by Kimberly K

4 Steps to Safer Shopping Online

Planning to get a head start on your holiday shopping this year? Here are four things you need to know to stay safe while shopping online.

on November 02, 2016 by Andrew D

Understanding CIS Control 5


This week, we’re focusing on Critical Control 5: Controlled Use of Administrative Privileges. More specifically:

This entry was posted in CIS Controls on October 31, 2016 by Kimberly K

4 Mobile Security Tips to Keep Your Organization Safe

Week 4 of National Cyber Security Awareness Month focuses on our continuously connected lives in a rapidly developing digital world. Mobile security plays a big role in staying safe as more organizations than ever rely on cell phones, tablets, and laptops for business. Does your cybersecurity strategy keep mobile in mind? Here are four mobile security tips to help your organization stay secure in a connected and moving business environment.

This entry was posted in mobile device, national cyber security awareness month, mobile security on October 26, 2016 by Shannon McClain