The Cybersecurity and Infrastructure Security Agency (CISA) was founded in 2018 and is a standalone United States federal agency, organized under the Department of Homeland Security (DHS). It exists to improve cybersecurity across all levels of government, coordinate cybersecurity programs with U.S. states, and improve the government’s cybersecurity protections against private and nation-state hackers.
At a deeper level, CISA acts as the nation’s cybersecurity risk advisor, working with partners to defend against cyber threats and collaborating with the security industry to build a more secure and resilient infrastructure for the future.
In fact, the CISA slogan is “Defend Today, Secure Tomorrow.”
CISA collaborates with the public and private sectors, as well as academia, to understand and manage the risk our critical infrastructure faces, and help organizations better manage their risk and increase their resilience using all available resources, whether provided by the Federal Government, commercial vendors, or their own capabilities.
Part of building a secure tomorrow is building a diverse cyber workforce, fostering development and use of secure technologies, promoting cybersecurity best practices, and informing of current security risks and threats. CISA does so using Emergency Directives and Alerts. It issued its first Emergency Directive in January 2019 on DNS spoofing attacks and continues to do so as the need arises. Its most recent was the Windows Print Spooler Service Vulnerability Emergency Directive, issued in July. CISA’s most recent Alert was regarding the increased use of Conti ransomware.
As the need for cybersecurity continues to rise, CISA has become more crucial in alerting the public of cyber threats and aligning public and private resources to fight cybercrime. For more information on CISA, visit: https://www.cisa.gov/
Governmental and Law Enforcement
In Case of Cyber Attack Emergency
If a ransomware incident occurs at your organization, CISA, FBI, and NSA recommend the following actions:
- Follow the Ransomware Response Checklist on p. 11 of the CISA-Multi-State Information Sharing and Analysis Center (MS-ISAC) Joint Ransomware Guide
- Scan your backups. If possible, scan your backup data with an antivirus program to check that it is free of malware.
- Report incidents immediately to CISA at https://us-cert.cisa.gov/report, a local FBI Field Office, or U.S. Secret Service Field Office
- Apply incident response best practices found in the joint advisory from Australia, Canada, New Zealand, the United Kingdom, and the United States on Technical Approaches to Uncovering and Remediating Malicious Activity.
Contact your Local FBI Office - https://www.fbi.gov/contact-us/field-offices
Report a Complaint to the FBI’s Internet Criminal Complaint Center: www.IC3.gov
Technical Expertise/Crisis Communications