Systemic Cyber Risk Reduction

Working with government and industry partners, CISA’s National Risk Management Center is adding analytic rigor to the ability for organizations to quantify cyber risk impact for cybersecurity measures they have in place in order to develop actionable metrics, and use this information to reduce shared risk to the Nation’s security and economic security.

CISA Issues Emergency Directive to Mitigate the Compromise of Solarwinds Orion Network Management Products

The Cybersecurity and Infrastructure Security Agency (CISA) tonight issued Emergency Directive 21-01, in response to a known compromise of SolarWinds Orion products that are currently being exploited by malicious actors. This Emergency Directive calls on all federal civilian agencies to review their networks for indicators of compromise and disconnect or power down SolarWinds Orion products immediately.
Last Published Date: December 14, 2020

5G Edge Vs Core

The Edge vs. Core - An Increasingly Less Pronounced Distinction in 5G Networks informs stakeholders about how edge computing increases the risks of untrusted components into 5G networks by moving core functions away from traditional network boundaries. The product is intended to provide an overview of edge computing and represents CISA’s analysis of the risks associated with installation of untrusted components into 5G infrastructures.

Knowledge Manager

This role is responsible for the management and administration of processes and tolls that enable the organization to identify, document, preserve, transfer, analyze, synthesize, and access intellectual capital and information content.

Personnel performing this work role may unofficially or alternatively be called:


CISA is conducting a limited pilot of Crossfeed, an asset discovery tool used to better understand the risks and status of the cyber infrastructure landscape on public-facing election infrastructure assets through the 2020 elections.