Shields Ready

Overview

CISA’s Shields Ready campaign is about making resilience during incidents a reality by taking action before incidents occur. As a companion to CISA’s Shields Up initiative, Shields Ready drives action at the intersection of critical infrastructure resilience and national preparedness. This campaign is designed to help all critical infrastructure stakeholders to take action to enhance security and resilience—from industry and businesses to government entities at all levels, and even individuals by providing recommendations, products, and resources to increase individual and collective resilience for different risk contexts and conditions. By taking steps in advance of an incident, organizations, individuals, and communities are better positioned to quickly adjust their posture for heightened risk conditions, in turn helping to prevent incidents, to reduce impact, and get things back to normal—or better—as quickly as possible. Being part of the resilience journey makes for more resilient people, organizations, and communities.

Key Steps to Building Resilience

Identify Critical Assets and Map Dependencies: Determine the systems that are critical for ongoing business operations and map out their key dependencies on technology, vendors, and supply chains.
Assess Risks: Consider the full range of threats that could disrupt these critical systems and the specific impacts such threats could pose to continuity of operations.
Plan and Exercise: Develop incident response and recovery plans to reduce the impact of these threats to critical systems and conduct regular exercises under realistic conditions to ensure the ability to rapidly restore operations with minimal downtime.
Adapt and Improve: Periodically evaluate and update response and recovery plans based on the results of exercises real-world incidents and an ongoing assessment of the threat environment.

Adapting to Changing Risk Conditions

The threats and hazards facing America’s critical infrastructure are changing, through more frequent, severe natural disasters; relentless criminal and foreign sponsored cyberattacks; continued threats of terrorism and targeted violence; pandemics and changing migration and labor patterns; and growing international competition and potential conflict. The interconnectivity of critical infrastructure also creates risks because a disruption in one place can ripple near and far. We can and must be more resilient to the range of changing risk conditions that threaten critical infrastructure and the communities, and nation, it supports.

A collage of natural disasters and climate change

Extreme Weather and Climate Change

Natural hazard shocks and stressors like floods, hurricanes, winter storms, wildfires, earthquakes, extreme heat, sea level rise, drought, and geomagnetic disturbances drive significant risk to our critical infrastructure.

Cyber Threats

Sophisticated, ever-evolving criminal and nation-state cyber threat actors exploit vulnerabilities to steal information and money and are developing capabilities to disrupt, destroy, or threaten the delivery of essential services.

A crowded street of people walking in a city

Terrorism and Targeted Violence

Critical infrastructure systems and assets, and related publicly accessible facilities like businesses, schools, and houses of worship, are common targets of terrorists and other violent criminals.

Guidance

Take advantage of the free resources available to strengthen and improve the resilience of critical infrastructure systems and services.

View More Resources

Critical Infrastructure Security and Resilience Month Toolkit

Discover how to get involved in Critical Infrastructure Security and Resilience Month using the one-stop-shop toolkit of CISA resources.

Cyber image with secure lock and other icons.

Planning Considerations for Cyber Incidents

This guide, produced by FEMA and CISA, is intended to help state, local, tribal, and territorial emergency management personnel collaboratively prepare for cyber events.

Infrastructure Resilience Planning Framework (IRPF)

This planning framework provides processes and a series of tools and resources for incorporating critical infrastructure resilience considerations into planning activities.

Resource Guide for Developing a Resilient Supply Chain Risk Management Plan

A guide to help Small and Medium-Sized Businesses establish an actionable Supply Chain Risk Management (SCRM) plan that will support the mitigation of risks and disruptions to their supply chains.

Cyber Essentials Toolkit Chapter 6: Your Crisis Response

Guidance on responding to and recovering from a cyber attack, including developing an incident response plan and disaster recovery plan; and using business impact assessments to prioritize resources and identify systems to be recovered and more.

Illustration of a city with public safety communications and cyber resiliency topics

Communications and Cyber Resiliency Toolkit

The toolkit assists public safety agencies and others responsible for communications networks in evaluating current resiliency capabilities, identifying ways to improve resiliency, and developing plans for mitigating the impact of potential threats.

Secure Tomorrow Series

The Secure Tomorrow Series is a strategic foresight capability focused on identifying emerging and evolving risks that could significantly affect the nation’s critical infrastructure in the next 3 to 20 years in order to analyze, prioritize, and manage those drivers of risk to steer towards a preferred future.

CISA Services

Employ CISA services to collaboratively enhance your organization's or community's resilience.

FEMA's Ready Campaign

Shields Ready partners with Ready, FEMA’s national public service campaigned designed to educate and empower people to prepare to prepare for, respond to and mitigate emergencies and disasters.

Visit FEMA's Ready Campaign