An abstract image showing cyber code

Industry

CISA partners with the public and private sector to better understand and manage risk.
Report a Cyber Issue
Organizations should report anomalous cyber activity and/or cyber incidents 24/7 to report@cisa.gov or 1-844-Say-CISA.

CISA works with partners to defend against today’s threats and collaborate to build more secure and resilient infrastructure for the future. The threats we face—digital and physical, man-made, technological, and natural—have become more complex, and the threat actors more diverse. As we lead the nation’s efforts to understand and manage risk to our critical infrastructure, partnerships that span the public and private sectors are crucial to our success. 

The programs and services we provide are driven by our comprehensive understanding of the risk environment and the corresponding needs identified by our stakeholders. We help organizations manage risk and increase resilience using all available resources, including those provided by the federal government and commercial vendors. 

Featured Content

Secure by Design

It's time to build cybersecurity into the design and manufacture of technology products. Find out what it means to be secure by design.

Information Sharing: A Vital Resource

An overview of the Executive Order encouraging the development of ISAOs; CISA resources available to help these groups share information effectively.

Disclosing CVI within a Facility and Among Private Sector Entities

Learn more about disclosing Chemical-terrorism Vulnerability Information (CVI) within a facility and among private sector entities.

Latest News

Discover the latest CISA news related to Industry.

CISA’s ScubaGear Tool Improves Security for Organizations Using M365 and Surpasses 30,000 Downloads

NOV 13, 2024 | BLOG
Illustration of a city with public safety communications and cyber resiliency topics

CISA Updates Toolkit with Nine New Resources to Promote Public Safety Communications and Cyber Resiliency

MAY 13, 2024 | BLOG
Since its last update in February 2024, the Toolkit has been updated to Version 24.1 with nine new resources.

CISA Updates Toolkit to Promote Public Safety Communications and Cyber Resiliency

MAR 04, 2024 | BLOG
Since its last update in August 2023, the Toolkit has been updated with seven new resources spread over the existing sections.

Alerts & Directives

Alerts provide timely information about current security issues, vulnerabilities, and exploits.

Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications

JAN 22, 2025 | CYBERSECURITY ADVISORY | AA25-022A
The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) are releasing this joint Cybersecurity Advisory in response to exploitation in September 2024 of vulnerabilities in Ivanti Cloud Service Appliances (CSA).

CISA and Partners Release Call to Action to Close the National Software Understanding Gap

JAN 16, 2025 | ALERT
This report further explores the opportunity for enhanced coordination to strengthen technical foundations and progress towards a more vigorous understanding of software on a national scale.

CISA Releases Microsoft Expanded Cloud Logs Implementation Playbook

JAN 15, 2025 | ALERT

Services

CISA has compiled a list of free tools and services to help the private sector further advance their security capabilities. This living repository includes services provided by CISA, widely used open-source tools, and other free tools and services offered by private and public sector organizations. 

View Services

Automated Indicator Sharing (AIS) Service

INCREASE YOUR RESILIENCE
Contact: cyberservices@cisa.dhs.gov
Automated Indicator Sharing (AIS) is a service that enables participants in the service to exchange cyber threat indicators with State, Local, Territorial, and Tribal governments and the private sector at machine speed.
Foundational, Intermediate, Advanced
ChemLock wordmark

ChemLock On-Site Assessments and Assistance

INCREASE YOUR RESILIENCE
Contact: ChemLock@cisa.dhs.gov
Under the ChemLock program, CISA can provide on-site assistance and assessments that help facilities with dangerous chemicals identify the specific risks for their facility and offer tailored suggestions for security measures that will enhance their security posture.
Request On-Site Assessment or Assistance
Foundational

Crossfeed

ASSESS YOUR RISK LEVEL
Contact: vulnerability@cisa.dhs.gov
Crossfeed enables organizations to make better-informed risk decisions, provides CISA with greater insight on vulnerabilities in public-facing assets supporting National Critical Functions, and enables CISA to better fulfill its existing vulnerability management requirements.
View Services

Helpful Resources

Use CISA's resources to gain important best practices, knowledge, and skills related to Industry.

Secure by Design Alert: Eliminating Buffer Overflow Vulnerabilities

FEB 12, 2025 | FACT SHEET, PUBLICATION
This Secure by Design Alert is part of an ongoing series aimed at advancing industry-wide best practices to eliminate entire classes of vulnerabilities during the design and development phases of the product lifecycle.
Download File (PDF, 521.92 KB)

Guidance and Strategies to Protect Network Edge Devices

FEB 04, 2025 | EXTERNAL, PUBLICATION
View Files

Closing the Software Understanding Gap

JAN 16, 2025 | PUBLICATION
Download File (PDF, 944.87 KB)

Microsoft Expanded Cloud Logs Implementation Playbook

JAN 15, 2025 | PUBLICATION
Download File (PDF, 2.25 MB)

Contact Your Regional Office