CISA Launches the Infrastructure Dependency Primer to Strengthen Community Resilience

 Infrastructure is the backbone of communities, providing critical services and enabling essential functions such as health, safety, and economic growth. Understanding critical infrastructure dependencies and incorporating them into planning is key to the resilience of communities across the nation.  The Cybersecurity and Infrastructure Security Agency (CISA) announces today the Infrastructure Dependency Primer (IDP), developed to help state, local, tribal, and territorial planners and decisionmakers better understand how infrastructure dependencies can impact community risk and resilience and how to incorporate that knowledge into ongoing community planning. 
Last Published Date: November 19, 2021

Enduring Security Framework Releases Part II of Security Guidance for 5G Cloud Infrastructures

As part of the Enduring Security Framework (ESF), the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) published guidance today to mitigate cyber threats within 5G cloud infrastructure. Securely Isolate Network Resources examines threats to 5G container-centric or hybrid container/virtual network, also known as Pods.
Last Published Date: November 18, 2021

Pragmatic Cyber Security Webinar

The Pragmatic Cyber Security series is sponsored by CISA’s Cybersecurity Division’s Vulnerability Management subdivision, which works to provide cybersecurity guidance, assistance, and support to organizations across the nation working to manage, prevent and respond to cybersecurity risks. The threats and risks to our controls systems and infrastructure are real and more evident in the news than ever before.  

CISA Releases Directive on Reducing the Significant Risk of Known Exploited Vulnerabilities

Today the Cybersecurity and Infrastructure Security Agency (CISA) issued Binding Operational Directive (BOD) 22-01, Reducing the Significant Risk of Known Exploited Vulnerabilities, to drive urgent and prioritized remediation of vulnerabilities that are being actively exploited by adversaries. The directive establishes a CISA-managed catalog of known exploited vulnerabilities and requires federal civilian agencies to remediate such vulnerabilities within specific timeframes.
Last Published Date: November 3, 2021

Operation Flashpoint

Businesses, employees, and the public play an important role in helping safeguard our communities from bad actors who seek to use improvised explosive devices (IEDs) made from common household products. Businesses including hardware and beauty supply stores may possess or sell products that can be used to make IEDs such as precursor chemicals or device components. The FBI and CISA need your help to recognize and report suspicious activity associated with the nefarious acquisition or use of these products.

CISA and Partners Coordinate on Security, Combatting Misinformation for Election Day

With elections in more than 30 states tomorrow, the Cybersecurity and Infrastructure Security Agency (CISA) will host an election situational awareness room to coordinate with federal partners, state and local election officials, private sector election partners, and political organizations to share real-time information and provide support as needed. While there is no specific, credible threat to election infrastructure, CISA stands ready to provide cyber incident response and expertise if needed. CISA encourages voters to turn to state and local election officials as trusted sources of information.  
Last Published Date: November 1, 2021

NSA and CISA Provide Cybersecurity Guidance for 5G Cloud Infrastructures

The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have published cybersecurity guidance to securely build and configure cloud infrastructures in support of 5G. Security Guidance for 5G Cloud Infrastructures: Prevent and Detect Lateral Movement is the first of a four-part series created by the Enduring Security Framework (ESF), a cross-sector, public-private working group which provides cybersecurity guidance that addresses high priority cyber-based threats to the nation’s critical infrastructure.
Last Published Date: October 28, 2021