Blog. Lessons from XZ Utils: Achieving a More Sustainable Open Source Ecosystem

Lessons from XZ Utils: Achieving a More Sustainable Open Source Ecosystem

Read our latest blog on how we are responding to the XZ Utils compromise and how every tech manufacturer should take a #SecureByDesign approach to securing open source software. 

24-0104 SOCIAL-WEB ED24-02_IG-1080x1920

Mitigating the Significant Risk from Nation-State Compromise of Microsoft Corporate Email System

CISA directs federal agencies to mitigate significant risk from Russian state-sponsored cyber threat in Emergency Directive 24-02. 

The .gov Domain. Helping Mitigate Election Office Cybersecurity and Impersonation Risks

Transitioning to .Gov: Helping Mitigate Election Office Cybersecurity and Impersonation Risks

This guide encourages election offices to adopt a .gov domain to help them and other state, local, tribal, and territorial (SLTT) government entities mitigate impersonation and cybersecurity risks.

Cyber Safety Review Board. Review of the Summer 2023 Microsoft Exchange Online Intrusion.

Latest CSRB Report

Read the Cyber Safety Review Board’s (CSRB) findings and recommendations following its independent review of the Summer 2023 Microsoft Exchange Online intrusion.

Joint Cyber Defense Collaborative. High-Risk Communities Webpage. Resources to Empower Civil Society's Digital Defense

High-Risk Communities

CISA published High-Risk Communities webpage with cybersecurity resources to support civil society organizations to include training opportunities, local volunteer programs, and free tools and services.

April is Emergency Communications Month

Emergency Communications Month

Emergency Communications Month honors the nation’s emergency responders and communicators, emphasizing the importance of emergency communications and the need to work together in building resilient critical infrastructure.

JCDC unifies cyber defenders from organizations worldwide. This diverse team proactively gathers, analyzes, and shares actionable cyber risk information to enable synchronized, holistic cybersecurity planning, cyber defense, and response.

StopRansomware.gov is the U.S. Government's official one-stop location for resources to tackle ransomware more effectively.

SAFECOM works to improve emergency communications interoperability across local, regional, tribal, state, territorial, international borders, and with federal government entities.

Additional CISA Resources

Image of an event with speaker and participants

CISA Events

CISA hosts and participates in events throughout the year to engage stakeholders, seek research partners, and communicate with the public to help protect the homeland.

CISA Services Catalog

A single resource that provides you with access to information on services across CISA’s mission areas.

Books display

CISA Publications

The publication library contains guidance and policy papers, reports, strategies, program regulations, guidelines, brochures and more.

Employees pictured during training session

CISA Training

As part of our continuing mission to reduce cybersecurity and physical security risk, CISA provides a robust offering of cybersecurity and critical infrastructure training opportunities.