CISA

Systemic Cyber Risk Reduction

Working with government and industry partners, CISA’s National Risk Management Center is adding analytic rigor to the ability for organizations to quantify cyber risk impact for cybersecurity measures they have in place in order to develop actionable metrics, and use this information to reduce shared risk to the Nation’s security and economic security.

Confronting Heightened Cybersecurity Threats Amid COVID-19

Did you know that Americans’ private health data is estimated to be worth up to 20 times the value of financial data on the Dark Web?[1]  This makes the Health and Public Health (HPH) Sector a primary target for cybercriminals. When an HPH Sector entity is affected by a cyber event, the public may lose its ability to engage with or receive health services, putting lives at risk.  The COVID-19 pandemic has raised the stakes, increasing cyber risk in the HPH Sector in proportion the increased pace of activity amid widespread transition to remote work environments.

Confronting Heightened Cybersecurity Threats Amid COVID-19

Did you know that Americans’ private health data is estimated to be worth up to 20 times the value of financial data on the Dark Web?[1]  This makes the Health and Public Health (HPH) Sector a primary target for cybercriminals. When an HPH Sector entity is affected by a cyber event, the public may lose its ability to engage with or receive health services, putting lives at risk.  The COVID-19 pandemic has raised the stakes, increasing cyber risk in the HPH Sector in proportion the increased pace of activity amid widespread transition to remote work environments.

COVID-19 Vaccine Rollout

CISA is working with the Department of Health and Human Services, Department of Defense, and other government partners to support the delivery of COVID-19 vaccinations throughout the U.S., including support to Operation Warp Speed. As part of the unified federal effort, CISA brings expertise in risk analysis and mitigation approaches, cyber and physical security, supply chain security, and critical infrastructure partnerships.

Integrated Operations Division

The Integrated Operations Division (IOD) provides a national capability to deliver CISA services to our stakeholders and partners across state and local governments and the critical infrastructure community.

Last Updated Date: January 6, 2021

CISA Releases ICT Supply Chain Risk Management Task Force Year 2 Report

Today, the Cybersecurity and Infrastructure Security Agency (CISA) and government and industry members of the Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force released an annual report on its progress to advance meaningful partnerships and analysis around supply chain security and resilience.
Last Published Date: December 17, 2020

ICT SCRM Task Force Year Two Report

This report provides an update on the ICT Supply Chain Risk Management (SCRM) Task Force’s progress in Year Two to advance meaningful partnerships and analysis around supply chain security and resilience. The report summarizes the work of the Task Force’s five working groups to address challenges to information sharing, threat analysis, qualified bidder and qualified manufacturer lists, vendor assurance, and impacts of the COVID-19 pandemic on ICT supply chains.

Return to ICT Supply Chain Risk Management.

Cyber Threats to K-12 Remote Learning Education

The Cybersecurity and Infrastructure Security Agency (CISA) has seen an increase in malicious activity with ransomware attacks against K-12 educational institutions. Malicious cyber actors are targeting school computer systems, slowing access, and rendering the systems inaccessible to basic functions, including remote learning. In some instances, ransomware actors stole and threatened to leak confidential student data unless institutions paid a ransom.