Industry

CISA works with partners to defend against today’s threats and collaborate to build more secure and resilient infrastructure for the future. The threats we face—digital and physical, man-made, technological, and natural—have become more complex, and the threat actors more diverse. As we lead the nation’s efforts to understand and manage risk to our critical infrastructure, partnerships that span the public and private sectors are crucial to our success.

The programs and services we provide are driven by our comprehensive understanding of the risk environment and the corresponding needs identified by our stakeholders. We help organizations manage risk and increase resilience using all available resources, including those provided by the federal government and commercial vendors.

Featured Articles

DHS Announces New Cybersecurity Performance Goals for Critical Infrastructure

DEC 08, 2022 | PRESS RELEASE

CISA developed cross-sector recommendations to help organizations prioritize cybersecurity investments.

CISA Publishes Technical Rule to Update Protected Critical Infrastructure Information (PCII) Program

DEC 21, 2022 | BLOG

CISA is issuing a technical rule to improve and modernize aspects of the Protected Critical Infrastructure Information (PCII) Program to help critical infrastructure owner/operators, state and local governments, and other important stakeholders more effectively use it.

CISA Expands the Joint Cyber Defense Collaborative to include Industrial Control Systems Industry Expertise

APR 20, 2022 | PRESS RELEASE

The JCDC has expanded to include Industrial Control Systems (ICS) experts to further increase U.S. government focus on the cybersecurity and resilience of industrial control systems and operational technology.

Alerts & Directives

ED 22-03: Mitigate VMware Vulnerabilities

CISA has identified vulnerabilities in VMWare products that pose an unacceptable risk to FCEB agencies and require emergency action.

BOD 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities

This directive establishes a CISA-managed catalog of known exploited vulnerabilities that carry significant risk to the federal enterprise and establishes requirements for agencies to remediate any such vulnerabilities included in the catalog.

Contact Your Regional Office

Region 1

Connecticut, Maine, Massachusetts, New Hampshire, Rhode Island, Vermont

Region 2

New Jersey, New York, Puerto Rico, U.S. Virgin Islands

Region 3

Delaware, District of Columbia, Maryland, Pennsylvania, Virginia, West Virginia

Region 4

Alabama, Florida, Georgia, Kentucky, Mississippi, North Carolina, South Carolina, Tennessee

Region 5

Illinois, Indiana, Michigan, Minnesota, Ohio, Wisconsin

Region 6

Arkansas, Louisiana, New Mexico, Oklahoma, Texas

Region 7

Iowa, Kansas, Missouri, Nebraska

Region 8

Colorado, Montana, North Dakota, South Dakota, Utah, Wyoming

Region 9

Arizona, California, Hawaii, Nevada, Guam, American Samoa, Commonwealth of the Northern Mariana Islands

Region 10

Alaska, Idaho, Oregon, Washington

Services

CISA has compiled a list of free tools and services to help the private sector further advance their security capabilities. This living repository includes services provided by CISA, widely used open-source tools, and other free tools and services offered by private and public sector organizations.

View Services

Automated Indicator Sharing (AIS) Service

INCREASE YOUR RESILIENCE

Contact: cyberservices@cisa.dhs.gov

Automated Indicator Sharing (AIS) is a service that enables participants in the service to exchange cyber threat indicators with State, Local, Territorial, and Tribal governments and the private sector at machine speed.

ChemLock On-Site Assessments and Assistance

INCREASE YOUR RESILIENCE

Contact: ChemLock@cisa.dhs.gov

Under the ChemLock program, CISA can provide virtual or on-site assistance and assessments that help facilities with dangerous chemicals identify the specific risks for their facility and offer tailored suggestions for security measures that will enhance their security posture.

Request On-Site Assessment or Assistance

Crossfeed

ASSESS YOUR RISK LEVEL

Contact: vulnerability@cisa.dhs.gov

Crossfeed enables organizations to make better-informed risk decisions, provides CISA with greater insight on vulnerabilities in public-facing assets supporting National Critical Functions, and enables CISA to better fulfill its existing vulnerability management requirements.

Publications

Publication

Featured Content

Information Sharing: A Vital Resource

Disclosing CVI within a Facility and Among Private Sector Entities