Skip to main content
U.S. flag

An official website of the United States government

Here’s how you know

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

HTTPS

Secure .gov websites use HTTPS
A lock (LockA locked padlock) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cybersecurity & Infrastructure Security Agency
America's Cyber Defense Agency

Search

 
 
  • Topics
    Cybersecurity Best Practices
    Cyber Threats and Advisories
    Critical Infrastructure Security and Resilience
    Election Security
    Emergency Communications
    Industrial Control Systems
    Information and Communications Technology Supply Chain Security
    Partnerships and Collaboration
    Physical Security
    Risk Management
    How can we help?
    GovernmentEducational InstitutionsIndustryState, Local, Tribal, and TerritorialIndividuals and FamiliesSmall and Medium Businesses
  • Spotlight
  • Resources & Tools
    All Resources & Tools
    Services
    Programs
    Resources
    Training
    Groups
  • News & Events
    News
    Events
    Cybersecurity Alerts & Advisories
    Directives
    Request a CISA Speaker
    Congressional Testimony
  • Careers
    Benefits & Perks
    HireVue Applicant Reasonable Accommodations Process
    Hiring
    Resume & Application Tips
    Students & Recent Graduates
    Veteran and Military Spouses
    Work @ CISA
  • About
    Culture
    Divisions & Offices
    Regions
    Leadership
    Doing Business with CISA
    Contact Us
    Site Links
    Reporting Employee and Contractor Misconduct
    CISA GitHub
Report a Cyber Issue
Breadcrumb
  1. Home
Share:
Shields UP!

SHIELDS UP!

As the nation’s cyber defense agency, CISA stands ready to help organizations prepare for, respond to, and mitigate the impact of cyberattacks.

SHIELDS UP Campaign Logo

VIDEO: Watch Director Easterly’s Interview with 60 Minutes

Overview

As the nation’s cyber defense agency, CISA stands ready to help organizations prepare for, respond to, and mitigate the impact of cyberattacks. CISA’s Shields Up campaign webpage provides recommendations, products, and resources to increase organizational vigilance and keep stakeholders informed about cybersecurity threats and destructive exploits against critical infrastructure.

Every organization—large and small—should adopt a heightened posture when it comes to cybersecurity and protect their most critical assets against disruptive cyber incidents. CISA also encourages our stakeholders to voluntarily share information about cyber-related events that could help mitigate current or emerging cybersecurity threats to critical infrastructure.”

Guidance

CISA urges everyone to protect themselves online and adopt a heightened posture when it comes to cybersecurity. CISA offers the following guidance for individuals, organizations, and leadership to enhance online security.

Man showing elderly man how to use the computer

Shields Up: Guidance for Families

Every individual can take simple steps to improve their cyber hygiene and protect themselves online. Here are 4 things you can do to keep yourself cyber safe.
Business people reviewing work on a table

Shields Up: Guidance for Organizations

CISA recommends all organizations—regardless of size—adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets. Take these recommended actions.
A business CEO presenting from a screen

Shields Up: Guidance for Corporate Leaders and CEOs

Corporate leaders have an important role to play in ensuring that their organization adopts a heightened security posture. CISA urges all senior leaders, including CEOs, to take these steps.
Red skull against malicious code

Have you been affected by ransomware?

This checklist will take you through the response process from detection to containment and eradication.

Learn more

Quick Tips

As the nation’s cyber defense agency, CISA stands ready to help the nation prepare for, respond to, and mitigate the impact of cyber-attacks.

Icon with antivirus icon

Protect all devices with Antivirus

phone with text message

Enable multi-factor authentication

password icons

Choose strong passwords

Fish with hook

Avoid Phishing scams

Shopping icon

Shop at safe websites

Icon of URL

Check website URL

Privacy icon

Check your privacy settings

Icon for logging out

Remember to log off

Ransomware Response

Ransomware is a form of malware that encrypts files on device, rendering any files and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption. Ransomware incidents have become increasingly prevalent among the Nation’s state, local, tribal, and territorial (SLTT) government entities and critical infrastructure organizations.

Paying ransom will not ensure your data is decrypted or that your systems or data will no longer be compromised. CISA, MS-ISAC, and other federal law enforcement do not recommend paying ransom. In addition, attackers have begun following their ransom demands to decrypt the data with a follow-on extortion demand to keep data private.

Related Resources

Cybersecurity Advisories

  • #StopRansomware: LockBit 3.0
  • Threat Actors Exploit Progress Telerik Vulnerability in U.S. Government IIS Server
  • CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks
  • Alert (AA22-011A) Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure
  • Russia Cyber Threat Overview and Advisories (Webpage)
  • CISA Insights: Implement Cybersecurity Measures Now to Protect Against Potential Critical Threats (pdf) 

  • CISA Insights: Preparing for and Mitigating Foreign Influence Operations Targeting Critical Infrastructure (pdf) 

  • Alert (AA22-057A) Destructive Malware Targeting Organizations in Ukraine

  • Alert (AA22-110A) Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure

  • Alert (AA22-076A) Strengthening Cybersecurity of SATCOM Network Providers and Customers

  • Tactics, Techniques, and Procedures of Indicted State-Sponsored Russian Cyber Actors Targeting the Energy Sector

  • Alert (AA22-074A) Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and ‘PrintNightmare’ Vulnerability

  • Alert (AA22-131A) Protecting Against Cyber Threats to Managed Service Providers and their Customers

  • Alert (AA22-117A) 2021 Top Routinely Exploited Vulnerabilities

  • Alert (AA22-216A) 2021 Top Malware Strains

  • Alert (AA22-265A) Control System Defense: Know the Opponent

  • Alert (AA22-137A) Weak Security Controls and Practices Routinely Exploited for Initial Access

Cyber Preparedness Resources

  • CISA Establishes Ransomware Vulnerability Warning Pilot Program
  • CISA, FBI, NSA, and International Partners Issue Advisory on Demonstrated Threats and Capabilities of Russian State-Sponsored and Cyber Criminal Actors
  • CISA/DOE Insights: Mitigating Attacks Against Uninterruptible Power Supply Devices
  • Updated: Conti Ransomware Cybersecurity Advisory
  • National Cyber Awareness System

  • New Federal Government Cybersecurity Incident and Vulnerability Response Playbooks

  • Cyber Essentials Toolkits

  • Cyber Resources

  • CISA Cybersecurity Awareness Program Toolkit

CISA Tools

View More Tools

Cyber Guidance for Small Businesses

Cyber incidents have surged among small businesses that often do not have the resources to defend against devastating attacks like ransomware. The security landscape has changed, and our advice needs to evolve with it.

Cyber Incident Resource Guide for Governors

PUBLICATION
The Cyber Incident Resource Guide for Governors provides information for governors and their staff on how to request federal support during or following a cyber incident.
Download File (PDF, 654.7 KB)

Known Exploited Vulnerabilities Catalog

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild.
View More Tools

Foreign Influence Operations and Disinformation Resources

War on Pineapple

JUN 28, 2021 | PUBLICATION
This infographic, with a tongue-in-cheek approach to putting pineapple on pizza, looks at how foreign adversaries conduct malign information operations to inflame hot button issues in the United States.
Download File (PDF, 804.18 KB)

Tactics of Disinformation

OCT 18, 2022 | PUBLICATION
Disinformation actors use a variety of tactics to influence others, stir them to action, and cause harm. Understanding these tactics can increase preparedness and promote resilience when faced with disinformation.
Download File (PDF, 907.51 KB)

Emergency Communications Resources

Priority Telecommunications Fact Sheet

PUBLICATION
CISA offers three priority telecommunications services that enable essential personnel to communicate when networks are degraded or congested due to weather events, mass gatherings, cyber-attacks, or events stemming from human error.
Download File (PDF, 337.37 KB)

Priority Telecommunications Eligibility Fact Sheet

PUBLICATION
CISA provides Wireless Priority Service (WPS), Government Emergency Telecommunications Service (GETS), and Telecommunications Service Priority (TSP) to ensure that all essential organizations and their personnel have access to priority telecommunications and restoration services.
Download File (PDF, 684.49 KB)

Executive Messages

Congress often asks CISA leadership and management to testify about the agency’s operations and activities related to cybersecurity. 

  • Statement by President Biden on our Nation's Cybersecurity
  • White House Fact Sheet: Act Now to Protect Against Potential Cyberattacks

More

United States and Ukraine Expand Cooperation on Cybersecurity

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Ukrainian State Service of Special Communications and Information Protection of Ukraine (SSSCIP) signed a Memorandum of Cooperation (MOC) this week to strengthen collaboration on shared cybersecurity priorities.

View Full Press Release

Return to top
  • Topics
  • Spotlight
  • Resources & Tools
  • News & Events
  • Careers
  • About
Cybersecurity & Infrastructure Security Agency
  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
  • RSS
CISA Central 888-282-0870 Central@cisa.dhs.gov
DHS Seal
CISA.gov
An official website of the U.S. Department of Homeland Security
  • About CISA
  • Accessibility
  • Budget and Performance
  • DHS.gov
  • FOIA Requests
  • No FEAR Act
  • Office of Inspector General
  • Privacy Policy
  • The White House
  • USA.gov
  • Website Feedback