Emergency Directive to Address Cisco Vulnerabilities

Emergency Directive to Address Cisco Vulnerabilities

CISA’s Emergency Directive 25-03 calls federal agencies to identify and mitigate potential compromise of Cisco devices to address vulnerabilities in Cisco Adaptive Security Appliances and Cisco Firepower devices. 

READ MORE
Lessons Learned from a CISA Indient Response Engagement

CISA Shares Lessons Learned from an Incident Response Engagement

Lessons Learned: CISA shares insights from a federal incident response, highlighting the importance of timely patching, proactive threat monitoring, and robust planning to strengthen defenses against cyber threats.

Read More
CISA Strategic Focus: CVE Quality for a Cyber Secure Future

CISA Strategic Focus: CVE Quality for a Cyber Secure Future

CISA unveils upcoming program enhancements: Strengthening partnerships, modernization, transparency and elevating data quality and responsiveness.   

Read More on this Strategic Focus
SBOM Guidance: A Shared Vision of SBOM for Cybersecurity

SBOM Guidance: A Shared Vision of SBOM for Cybersecurity

CISA, NSA, and 19 international partners release a shared vision of Software Bill of Materials (SBOM) highlighting the importance of SBOM in securing global supply chains & enhancing software resilience worldwide.

Learn More on SBOM
Joint Cybersecurity Guidance: Foundations for OT Cybersecurity: Asset Inventory Guidance for Owners and Operators

CISA and Partners Release Asset Inventory Guidance for Operational Technology Owners and Operators

Developed with government and industry partners, this guide helps OT organizations enhance their overall security posture, improve maintenance and reliability, and ensure the safety and resilience.

Read More
Emergency Directive (ED) 25-02: Mitigate Microsoft Exchange Vulnerability

Emergency Directive 25-02: Mitigate Microsoft Exchange Vulnerability

CISA issued Emergency Directive (ED) 25-02 in response to a newly disclosed vulnerability affecting Microsoft Exchange hybrid-joined configurations.

Read More

News Updates

View More News

Latest Operational Information

View All Alerts & Advisories Subscribe to Updates

How can we help?

All Audiences
Main St, street sign

Find Help Locally

Contact your Region

Assist Visits

Protected Critical Infrastructure Information

IT professional working at computers

Industry

Secure by Design

Information Sharing: A Vital Resource

PCII Program modernized

Joint Cyber Defense Collaborative expands

A small business worker making a transaction with a customer

Small and Medium Businesses

Cyber guidance for small businesses

Supplementing passwords

Doing business with CISA

Teenager boy and classmates in high school computer class

Educational Institutions

School Safety

Cybersecurity for K-12

K-12 School Security Product Suite

Protecting Our Future: Partnering to Safeguard K-12 Organizations from Cybersecurity Threats

All Audiences

JCDC unifies cyber defenders from organizations worldwide. This team proactively gathers, analyzes, and shares actionable cyber risk information to enable synchronized, holistic cybersecurity planning, cyber defense, and response.

JCDC

StopRansomware.gov is the U.S. Government's official one-stop location for resources to tackle ransomware more effectively.

STOPRANSOMWARE

SAFECOM works to improve emergency communications interoperability across local, regional, tribal, state, territorial, international borders, and with federal government entities.

SAFECOM

Additional CISA Resources

Abstract image of a PCB overlayed with cyber design elements

CISA’s Federal Cyber Defense Skilling Academy

CISA’s Federal Cyber Defense Skilling Academy provides full-time federal employees an opportunity to focus on professional growth through an intense, full-time, three-month accelerated training program.

Image of an event with speaker and participants

CISA Events

CISA hosts and participates in events throughout the year to engage stakeholders, seek research partners, and communicate with the public to help protect the homeland.

CISA Services Catalog

A single resource that provides you with access to information on services across CISA’s mission areas.

Employees pictured during training session

CISA Training

As part of our continuing mission to reduce cybersecurity and physical security risk, CISA provides a robust offering of cybersecurity and critical infrastructure training opportunities.