Everything You Should Know About the Cybersecurity and Infrastructure Security Agency

By: Mike Burgard
August 22, 2022

Have you updated the software on your Apple device lately? If not, look for any new software updates and install them…now.

While your new software is downloading, I’ll explain what this update is for and why it’s important to install new software updates as soon as they’re available.

The Cybersecurity and Infrastructure Security Agency (CISA) is a United States federal agency under the Department of Homeland Security that works across the public and private sectors to improve cybersecurity and facilitate various cybersecurity programs, including training. CISA is constantly working to evolve its cybersecurity recommendations and programs in the following ways:

  • Capability Delivery
  • Threat Hunting
  • Operational Collaboration
  • Vulnerability Management
  • Capacity Building
  • Strategy, Resources & Performance
  • Cyber Defense Education & Training

Why Was CISA Created?

The National Protection and Programs Directorate (NPPD) was formed with the goal of reducing and eliminating threats to critical infrastructure within the U.S. As cybersecurity threats from private and state-sponsored hackers evolved, so did the original organization. The NPPD’s mission expanded, and it was renamed to align better with its new goals. The NPPD, and its successor, CISA, are overseen by the Department of Homeland Security (DHS).

If Your Cybersecurity Is Lacking, Should You Be Worried?

You should be worried about cybercriminals, but not about CISA. CISA is a non-regulatory agency that is tasked with helping government and private organizations improve their cybersecurity posture and defend themselves against attack. The agency is authorized to receive and analyze information relating to evolving cybersecurity threats and disseminate that information to help other organizations defend themselves.

Sharing Security Information With CISA

If your industry has been classified as critical infrastructure under the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA), you’re required to report any significant cybersecurity incident to CISA. However, even if your organization falls outside of this jurisdiction, if you’ve been targeted by a cybercriminal, CISA would like to know about it. Sharing information with the agency can help the agency better protect other private and public sector organizations from a similar fate.

While many organizations may feel squeamish about telling the federal government they’ve been attacked, it’s important to share this data. The Protected Critical Infrastructure Information (PCII) Program protects any information a private sector organization shares with the government for the purposes of protecting national security. All identifying information must be removed from PCII-protected data before CISA can share it.

As the organization puts it, “As a global information exchange hub, CISA bears a significant responsibility to protect the information we receive and to ensure we safeguard privacy, business confidentiality, civil rights, and civil liberties. We take this responsibility extremely seriously, and we do everything in our power to earn our stakeholders’ trust by maintaining the confidentiality of sensitive information.”

What Is CISA’s Shields Up Campaign?

In response to Russia’s invasion of Ukraine last February, CISA launched its “Shields Up” cybersecurity campaign to warn businesses considered part of the U.S.’s critical infrastructure of a possible escalation in state-sponsored cybercrime.

Key intelligence indicated that Russia had been planning cyberattacks against vital infrastructure across public and private sector organizations operating in the U.S. Additionally, non-state-sponsored cybercriminals sympathetic to the Russian government and its people have also threatened to launch further attacks.

Unfortunately, in an era where cyberattacks are skyrocketing in number and severity, maintaining a “Shields Up” posture will likely remain the new normal for the foreseeable future, regardless of what happens in Ukraine.

What’s CISA’s Relationship to NIST and the Cybersecurity Framework (CSF)?

To help organizations see whether they are in line with its recommendations, CISA has developed the Cyber Resilience Review (CRR). This review was created before the National Institute of Standards and Technology Cybersecurity Framework, but in practice, the two are very closely aligned.

Is Your Organization Following CISA’s Guidelines?

CISA provides these downloadable resources to help your organization identify any areas of weakness, but going through all of them can take quite a bit of time — time that many organizations don’t have.

Marco’s cybersecurity experts can perform a comprehensive Cybersecurity Assessment that is based on recommendations from NIST CSF and the Center for Internet Security. In addition to finding vulnerabilities before hackers do, this assessment will also include a technology roadmap to help you prioritize upgrades.

Cybersecurity is, of course, constantly evolving, and the same recommendations that were sufficient two or three years ago are no longer enough to keep hackers at bay. To see whether your organization would benefit from a more in-depth assessment, this 60-second quiz will help you get a sense of how protected you currently are.
