[1] Its mission statement professes that the function of CIS is to " help people, businesses, and governments protect themselves against pervasive cyber threats."

The organization is headquartered in East Greenbush, New York, US, with members including large corporations, government agencies, and academic institutions.

[9] The MS-ISAC was established in late 2002, and officially launched in January 2003, by William F. Pelgrin, then Chief Security Officer of the state of New York.

In order to facilitate its expanding scope, in late 2010, MS-ISAC "transitioned into a not-for-profit status under the auspices of the Center for Internet Security."

In 2021, the MS-ISAC announced[15] it was undergoing a digital transformation, making major infrastructure upgrades including the implementation of a new cloud-based threat intelligence platform, security information and event management (SIEM) capability, security orchestration, automation, and response (SOAR) tool, and data lake capabilities for threat hunting.

[25] A May 2017 study showed that "on average, organizations fail 55% of compliance checks established by the Center for Internet Security", with more than half of these violations being high severity issues.

CIS SecureSuite members are made up of several different types of companies ranging in size, including government agencies, colleges and universities, nonprofits, IT auditors and consultants, security software vendors and other organizations.

For example, CIS provides SecureSuite members with access to CIS-CAT Pro, a "cross-platform Java app" which scans target systems and "produces a report comparing your settings to the published benchmarks".

[33] CIS CyberMarket is a "collaborative purchasing program that serves U.S. State, Local, Tribal, and Territorial (SLTT) government organizations, nonprofit entities, and public health and education institutions to improve cybersecurity through cost-effective group procurement".

[34] The intent of the CIS CyberMarket is to combine the purchasing power of governmental and nonprofit sectors to help participants improve their cybersecurity condition at a lower cost than they would have been able to attain on their own.

The program assists with the "time intensive, costly, complex, and daunting" task of maintaining cybersecurity by working with the public and private sectors to bring their partners cost-effective tools and services.

After reviewing all of the feedback from testing and making any necessary adjustments or changes, the final benchmark and other relevant security tools are made available to the public for download through the CIS website.