CyberStat
Description
The Federal Information Security Modernization Act (FISMA) of 2014 tasks CISA with administering the implementation of Federal Civilian Executive Branch (FCEB) agency information security policies and practices. CISA fulfills this responsibility in various ways, including the CyberStat program.
CyberStat focuses on strengthening executive branch defenses by addressing individual agency challenges while maximizing limited Office of Management and Budget (OMB) and CISA resources. By hosting informative engagements for government users, the CyberStat team assists agencies with maturing their cyber programs while achieving policy-based goals.
CyberStat Engagements
In coordination with OMB, CISA CyberStat engagements assist agencies in reducing risk and protecting their systems, networks, and data to bolster the federal government’s defenses against cyber compromises. The engagements include capacity building workshops, office hours, and information sessions, which provide agencies with timely guidance and tools to achieve security outcomes in a consistent manner.
Workshops use a cohort model to bring together peers and subject matter experts and highlight industry-leading practices and successful tools. Through the engagements, participants receive help with building tangible solutions, including agency strategies and implementation plans. Workshops provide agencies with the necessary principles and practices to transform complex cybersecurity challenges into repeatable processes.
CISA provides an increased level of service and support to agencies by addressing key cross-agency cybersecurity risk management challenges. In Calendar Year 2024, CISA hosted over 8,000 attendees across 16 engagements, including 11 workshops, and 5 office hour sessions. Through the CyberStat program, CISA continues to host timely engagements associated with White House executive orders (EO), OMB memoranda, and binding operational directives.
CISA CyberStat Information
CISA publishes frequently asked questions (FAQs), workshop slides, engagement summaries, and other engagement-related material to the CyberStat program connect.gov (formerly OMB MAX) page, for download and reuse. Please note that connect.gov is accessible only to federal and federally contracted or sponsored users.
Connect With CyberStat
To participate in the CyberStat program, please visit the connect.gov page (login required).
Contact
CISA strives to support agencies and increase their cyber resilience by building relationships with key stakeholders and communicating the value of CyberStat program participation.
For more information about the CyberStat Workshops, email: cyberstat@mail.cisa.dhs.gov.
Learn More About CyberStat
See the following resources to learn more about the CyberStat program:
- Memorandum 11-33: FY 2011 Reporting Instructions for the Federal Information Security Management Act and Agency Privacy Management
- Information Security: DHS Needs to Continue to Advance Initiatives to Protect Federal Systems (GAO-17-518T)
- Federal Information Security: Agencies and OMB Need to Strengthen Policies and Practices (GAO 19-545)
- Federal Agencies Made Progress, but Need to Fully Implement Incident Response Requirements (GAO-24-105658)
- Federal Information Security Modernization Act of 2014: Annual Report Fiscal Year 2023
- 2024 Report on the Cybersecurity Posture of the United States