Sophos Endpoint Selected for CIS MDR™, a Purpose-Built Cybersecurity Solution for U.S. State, Local, Tribal and Territorial (SLTT) governments
Sophos, a global leader of innovative security solutions for defeating cyberattacks, today announced it has been selected by the Center for Internet Security, Inc. (CIS) as the endpoint protection provider for commercial cloud for U.S. State, Local, Tribal, and Territorial (SLTT) government organizations as part of its newly launched CIS Managed Detection and Response™ (CIS MDR™) service. CIS MDR is a fully managed, 24/7/365 endpoint protection solution specifically designed to detect and stop attacks targeting U.S. government organizations.
The CIS MDR Security Operations Center (SOC) uses Sophos Endpoint powered by Intercept X to stop malicious activity early in the attack chain before attacks can impact government systems. CIS MDR provides continuous monitoring, detection, and response services which are now available through a Sophos-hosted commercial cloud infrastructure that meets the scale, availability, and operational needs of SLTT entities.
More than 600,000 organizations trust Sophos to defend against cyberthreats, including advanced remote ransomware attacks and active adversaries. Unique to Sophos, the solution includes Adaptive Attack Protection that dynamically heightens defenses on an endpoint when a hands-on-keyboard attack is detected, minimizing the attack surface and disrupting the attacker’s activities.
“CIS is a trusted entity helping U.S. governments safeguard critical infrastructure and public sector systems,” said Rob Lalumondier, vice president of public sector, Sophos. “All SLTT governments deserve access to comprehensive security solutions to protect against today’s evolving and persistent cyber threats. According to our State of Ransomware in the U.S. 2025 report, the average cost to recover from an attack, excluding ransom payments, was nearly $2 million last year. CIS MDR helps reduce this burden by delivering expert-led detection and response around the clock. This service combines the power of Sophos Endpoint with CIS’ world-class SOC to deliver true 24/7 protection.”
CIS MDR is designed to address the regulatory, staffing, and budgetary constraints faced by SLTT organizations while defending against the unique cyber threats that target these entities. With Sophos Endpoint, CIS MDR offers device-level protection and response to strengthen an organization’s endpoint security program, and it provides active defense against both known (signature-based) and unknown (behavioral-based) malicious activity.
CIS MDR also benefits from Sophos’ proprietary CryptoGuard anti-ransomware technology, which is uniquely able to stop remote ransomware attacks, which now account for 70% of successful ransomware attacks, according to Microsoft’s 2024 Digital Defense Report.
“The mission of CIS is to strengthen the cybersecurity posture of U.S. State, Local, Tribal, and Territorial government organizations, and delivering purpose-built solutions like CIS MDR is central to that mission,” said Lee Noriega, executive director of cybersecurity services, Center for Internet Security (CIS). “By leveraging a secure commercial cloud environment hosted by Sophos, we’re able to expand access to this fully managed service and meet the operational realities of our members with an enterprise-grade endpoint solution that is already trusted by more than 300,000 organizations. Sophos provides the flexibility and resilience needed to support real-time detection and response for SLTT organizations across the U.S.”
CIS MDR is part of a broader integrated cyber defense ecosystem, working in concert with MS-ISAC threat intelligence, incident response, and compliance tools to deliver a unified, coordinated defense strategy.
For more information about CIS MDR™, go to https://www.cisecurity.org/services/managed-detection-and-response.
About CIS
The Center for Internet Security, Inc. (CIS®) makes the connected world a safer place for people, businesses, and governments through our core competencies of collaboration and innovation. We are a community-driven nonprofit, responsible for the CIS Critical Security Controls® and CIS Benchmarks™, globally recognized best practices for securing IT systems and data. We lead a global community of IT professionals to continuously evolve these standards and provide products and services to proactively safeguard against emerging threats. Our CIS Hardened Images® provide secure, on-demand, scalable computing environments in the cloud. CIS is home to the Multi-State Information Sharing and Analysis Center® (MS-ISAC®), the trusted resource for cyber threat prevention, protection, response, and recovery for U.S. State, Local, Tribal, and Territorial government entities. To learn more, visit cisecurity.org or follow us on X: @CISecurity.