Sitemap

About CISA

• About CISA
  • CISA Careers
    • Hiring Events
    • Hiring FAQs
      • Hiring Process FAQs
      • FAQs - Job Offer Hiring Events
    • Work @ CISA
      • Cyber Jobs
        • Authorizing Official
        • CSA
        • Cyber Defense Analyst
        • Cyber Defense Forensics Analyst
        • Cyber Defense Incident Responder
        • Cyber Instructional Curriculum Developer
        • Cyber Policy and Strategy Planner
        • Cyber Workforce Developer and Manager
        • Data Analyst
        • Database Administrator
        • IT Investment Portfolio Manager
        • IT Program Auditor
        • IT Project Manager
        • Information Systems Security Manager
        • Knowledge Manager
        • Network Operations Specialist
        • Program Manager
        • Secure Software Assessor
        • Security Architect
        • Security Control Assessor
        • Software Developer
        • System Administrator
        • System Testing and Evaluation Specialist
        • Systems Developer
        • Systems Requirements Planner
        • Systems Security Analyst
        • Technical Support Specialist
        • Vulnerability Assessment Analyst
      • Emergency Communications Jobs
      • Infrastructure Security Jobs
        • PSA
      • National Risk Management Jobs
    • Student & Recent Graduate Programs
      • Cyber Interns
      • Pathways Interns
        • Business Interns
        • HR Interns
      • Recent Grad
    • Benefits & Perks
    • Resume & Application Tips
  • Cybersecurity
  • CISA Global
  • Emergency Communications
  • Contact Us
  • Infrastructure Security
    • Critical Infrastructure Sectors
      • Chemical Sector
      • Commercial Facilities Sector
        • Commercial Facilities Publications
      • Communications Sector
      • Critical Manufacturing Sector
      • Dams Sector
      • Defense Industrial Base Sector
      • Emergency Services Sector
      • Energy Sector
      • Financial Services Sector
      • Food and Agriculture Sector
      • Government Facilities Sector
      • Healthcare and Public Health Sector
      • Identifying Critical Infrastructure During COVID-19
      • Information Technology Sector
      • Nuclear Reactors, Materials, and Waste Sector
      • Sector-Specific Agencies
      • Transportation Systems Sector
      • Water and Wastewater Systems Sector
    • Infrastructure Assessments and Analysis
    • CISA Chemical Security
    • Office for Bombing Prevention (OBP)
      • Bomb-Making Materials Awareness Program (BMAP)
      • Counter-IED Training and Awareness
        • Counter-IED Awareness Products
        • Counter-IED Training Courses
      • Multi-Jurisdiction Improvised Explosive Device Security Planning (MJIEDSP)
      • National Counter-Improvised Explosive Device Capabilities Analysis Database (NCCAD)
      • TRIPwire (Technical Resource for Incident Prevention)
      • What to Do - Bomb Threat
    • UAS Considerations for Law Enforcement Action
    • Unmanned Aircraft Systems FAQ
  • CISA Regional Offices
    • Region 1
    • Region 2
    • Region 3
    • Region 4
    • Region 5
    • Region 6
    • Region 7
    • Region 8
    • Region 9
    • Region 10
  • Reporting Employee and Contractor Misconduct
  • Critical Infrastructure Partnership Advisory Council
    • CIPAC Meeting Agendas
    • CIPAC Working Groups by Sector
      • Chemical Working Groups
      • Commercial Facilities Working Groups
      • Communications Working Groups
      • Critical Manufacturing Working Groups
      • Cross-Sector Working Groups
      • Dams Working Groups
      • Defense Industrial Base Working Groups
      • Emergency Services Working Groups
      • Energy Working Groups
      • Financial Services Working Groups
      • Food and Agriculture Working Groups
      • Government Facilities Working Groups
      • Healthcare and Public Health Working Groups
      • Information Technology Working Groups
      • Nuclear Reactors, Materials, and Waste Working Groups
      • Transportation Systems Working Groups
      • Water and Wastewater Systems Working Groups
    • CIPAC Plenary Meetings
    • CIPAC FAQ
  • CISA Administrative Subpoena
    • Responding to Notice of a Subpoena
    • Retention of Data Obtained by Subpoenas
    • Sharing of Data Obtained by Subpoenas
    • Signature Verification
    • Subpoena Process
  • CISA Central
  • CISA Events
    • CISA LIVE
    • CISA at RSA 2021
    • Women Leaders in Cybersecurity Webinar
  • GitHub
  • Guidance
  • Integrated Operations Division
  • Leadership
    • Jen Easterly
    • Nitin Natarajan
    • Brandon Wales
    • Kiersten E. Todt
    • Eric Goldstein
    • Dr. David Mussington
    • Billy Bob Brown, Jr.
    • Bob Kolasky
    • Alaina Clark
    • Laura Delaney
    • Victoria Dillon
    • Dan Sutherland
    • Nicole Windham
    • Michael Widomski
    • Felicia A. Purifoy
    • Tarek Abboushi
    • Robert Costello
    • David Epperson
    • Kerry Stewart
    • James Burd
    • Brian Gattoni
    • Valerie M. Cofield
    • David Patrick
    • Keith Holtermann
    • Region 1 Director Matthew McCann
    • Region 2 Director John Durkin
    • Region 3 Director William Ryan
    • Region 4 Director Joye Purser
    • Region 5 Director Alex Joves
    • Region 6 Director Harvey Perriott
    • Region 7 Director Phil Kirk
    • Region 8 Director Shawn Graff
    • Region 9 Director David Rosado
    • Region 10 Director Patrick Massey
  • NRMC
  • Office of Privacy
  • Office of the Chief Economist
  • Request a CISA Speaker
  • Resources For Lawyers
  • Stakeholder Engagement Division
    • CISA Cybersecurity Advisory Committee
      • About
      • Meeting Resources
      • Members
      • Publications
    • Councils and Committees
    • State, Local, Tribal & Territorial Cyber Information Sharing Program
  • Subscribe to Updates from CISA
    • Comment Policy
    • Social Media Directory
    • Social Media Directory
  • CISA Training
  • Notices
    • CISA Facebook Privacy Policy and Notice
    • CISA Instagram Privacy Policy and Notice
    • CISA Twitter Privacy Policy and Notice
    • CISA YouTube Privacy Policy and Notice
    • Terms of Use
    • Linking Policy
    • CISA Website Privacy Policy
  • Doing Business With CISA

Cybersecurity

• Cybersecurity
  • Cybersecurity Training & Exercises
    • 2019 President’s Cup
    • CDM Training
    • Cyber Storm: Securing Cyber Space
      • Cyber Storm I
      • Cyber Storm II
      • Cyber Storm III
      • Cyber Storm IV
      • Cyber Storm V
      • Cyber Storm VI
      • Cyber Storm 2020
      • Cyber Storm VIII
    • Incident Response Training
  • Cybersecurity Summit 2020
    • Cybersummit 2020 Day One
    • Cybersummit 2020 Day Two: Leading The Digital Transformation
    • Cybersummit 2020 Day Three: Diversity In Cybersecurity
    • Cybersummit 2020 Day Four: Defending Our Democracy
  • Cyber QSMO Marketplace
    • Cyber QSMO Services
      • QSMO Services - Anomalies and Events
      • QSMO Services - Asset Management
      • QSMO Services - Awareness and Training
      • QSMO Services - Business Environment
      • QSMO Services - Data Security
      • QSMO Services - Detection Processes
      • QSMO Services - Governance
      • QSMO Services - Identity Management and Access Control
      • QSMO Services - Information Protection Processes and Procedures
      • QSMO Services - Mitigation
      • QSMO Services - Protective Technology
      • QSMO Services - Recovery Planning
      • QSMO Services - Risk Assessment
      • QSMO Services - Supply Chain Risk Management
      • Risk Management Strategy
      • Security Continuous Monitoring
    • Cyber QSMO Service Providers
      • QSMO - Service Providers - CISA
      • QSMO - Service Providers - HHS
      • QSMO Service Providers - DOJ
      • QSMO Service Providers - DOT
    • Mobile Cybersecurity Shared Services
  • Combating Cyber Crime
  • Securing Federal Networks
    • CDM
    • EINSTEIN
    • Federal Information Security Management Act
    • HVA PMO
    • National Cybersecurity Protection System
    • Network Security Deployment
    • Quality Services Management Office
    • Risk Management Framework Assessment and Authorization Service Offerings
    • Security and Awareness Training
    • Situational Awareness and Incident Response
    • Trusted Internet Connections
      • TIC FAQ
  • Protecting Critical Infrastructure
    • C³ Voluntary Program
    • Using the Cybersecurity Framework
  • Cyber Incident Response
  • Cyber Safety
    • 4 Things You Can Do To Keep Yourself Cyber Safe
  • Cybersecurity Assessments
    • AES Schedule
    • Assessment Evaluation and Standardization (AES)
  • Cybersecurity Governance
  • Cybersecurity Insurance
  • Detection and Prevention
  • Information Sharing
    • Automated Indicator Sharing (AIS)
    • Cyber Information Sharing and Collaboration Program (CISCP)
    • DHS-approved vendors that offer AIS TAXII client compatible certificates
    • Enhanced Cybersecurity Services
    • Information Sharing and Analysis Organizations
      • ISAO Engagements
      • ISAO FAQ
    • TLP Definitions and Usage
  • Stakeholder Engagement and Cyber Infrastructure Resilience
    • Cyber Education and Awareness
    • Partnership Engagement Branch
    • Stakeholder Risk Assessment and Mitigation
  • Education
    • Cybersecurity Workforce Development Resources
    • Education for Cybersecurity Careers
    • National Cybersecurity Workforce Framework
    • Training for Cybersecurity Careers
  • 2021 President's Cup
  • Bad Practices
  • CISA Insights
  • CISA’s Role in Industrial Control Systems
    • Considerations for ICS/OT Cybersecurity for Monitoring Technologies
  • Coordinated Vulnerability Disclosure Process
  • Cyber Essentials
  • Cyber Games
  • Cyber Hygiene Services
  • Cybersecurity Summit 2021
    • Cybersummit 2021 Day One
      • Cybersummit 2021 Session Day 1: Welcome and Opening Remarks
      • Cybersummit 2021 Session Day 1: SCRM: The Future Is Now – Are You Ready To Address Your Vulnerabilities?
      • Cybersummit 2021 Session Day 1: CVEs: How the Whole Thing Works
      • Cybersummit 2021 Session Day 1: Caution Ahead: Putting an End to Bad Practices
      • Cybersummit 2021 Session Day 1: Cloud Vulnerability Management
      • Cybersummit 2021 Session Day 1: Hacker Perspectives on Vulnerabilities and Disclosures
    • Cybersummit 2021 Day Two
      • Cybersummit 2021 Session Day 2: BadAlloc: A Case Study in Pre-Disclosure Collaboration
      • Cybersummit 2021 Session Day 2: Daily Keynote
      • Cybersummit 2021 Session Day 2: Federal Defenders
      • Cybersummit 2021 Session Day 2: Insights on Energy
      • Cybersummit 2021 Session Day 2: International Fireside Chat
      • Cybersummit 2021 Session Day 2: JCDC Panel
      • Cybersummit 2021 Session Day 2: State and Local Challenges
      • Cybersummit 2021 Session Day 2: Zero Trust
    • Cybersummit 2021 Day Three
      • Cybersummit 2021 Session Day 3: Attracting New Recruits
      • Cybersummit 2021 Session Day 3: Black Girls in Cyber
      • Cybersummit 2021 Session Day 3: Consuming Diversity as an Employer
      • Cybersummit 2021 Session Day 3: Daily Keynote
      • Cybersummit 2021 Session Day 3: Educating Our Future Colleagues
      • Cybersummit 2021 Session Day 3: Empathy and Burnout
      • Cybersummit 2021 Session Day 3: Making .gov a Talent Magnet
      • Cybersummit 2021 Session Day 3: Partnership Annoucement
      • Cybersummit 2021 Session Day 3: ShareTheMicInCyber
      • Cybersummit 2021 Session Day 3: Sharing the Talent
    • Cybersummit 2021 Day Four
      • Cybersummit 2021 Session Day 4: AUS CI
      • Cybersummit 2021 Session Day 4: Congressional Cybersecurity Priorities
      • Cybersummit 2021 Session Day 4: Continuity of Excellence
      • Cybersummit 2021 Session Day 4: Cross-Sector Collaboration
      • Cybersummit 2021 Session Day 4: Cyber Informed Engineering
      • Cybersummit 2021 Session Day 4: Daily Keynote
      • Cybersummit 2021 Session Day 4: Responding to Mis- and Disinformation
      • Cybersummit 2021 Session Day 4: Securing Democracy Through Elections
      • Cybersummit 2021 Session Day 4: Summit Closer
      • Cybersummit 2021 Session Day 4: The Changing Cyber Landscape in Healthcare
      • Cybersummit 2021 Session Day 4: What Makes a Good Partnership
  • EO 13800 Deliverables
  • Executive Order on Improving the Nation’s Cybersecurity
  • Mitigate Microsoft Exchange On-Premises Product Vulnerabilities
  • Pulse Connect Secure Mitigations
  • Shop Safely
  • Supply Chain Compromise
  • Joint Cyber Defense Collaborative
  • STOP. THINK. CONNECT. ™
    • About the Campaign
    • Join the Campaign
    • Cybersecurity Awareness Month
    • Cybersecurity Awareness Month Resources
    • Cybersecurity Awareness Month Sample Social Media Posts and Graphics
    • CISA Cybersecurity Resources
• Dams Sector Crisis Management Suite

Infrastructure Security

• Infrastructure Security
  • Securing Public Gatherings
    • Everyone
    • Businesses and Critical Infrastructure
    • SLTT Authorities, Government, and First Responders
    • Schools
    • Houses of Worship
  • 2015 Sector Specific Plans
  • Autonomous Vehicle Security
  • Critical Infrastructure Exercises
  • Cybersecurity and Physical Security Convergence
  • IDT
  • Infrastructure Security Month
  • Interagency Security Committee
    • 25th Anniversary of the Interagency Security Committee
    • About the Interagency Security Committee
    • Additional Interagency Security Committee Resources
    • Interagency Security Committee Membership
    • Interagency Security Committee Policies, Standards, Best Practices, Guidance, and White Papers
    • Interagency Security Committee Training
    • Interagency Security Committee Webinars
    • Standards
  • Chemical Security
    • Chemical Facility Anti-Terrorism Standards
      • CFATS Laws and Regulations
        • CFATS Advisory Opinions
        • CFATS Enforcement
        • CFATS PRA Notices
        • CFATS Regulations
        • CFATS Rulemaking
        • CFATS Statutes
        • CFATS and Executive Order 13650
      • CFATS Video Resources
      • Risk-Based Performance Standards
        • RBPS 1-7 - Detection and Delay
        • RBPS 8 - Cyber
        • RBPS 9 - Response
        • RBPS 10 Monitoring
        • RBPS 11 - Training
        • RBPS 12 - Personnel Surety
        • RBPS 15/16 - Security Incidents
        • RBPS 18 - Records
      • Appendix A: Chemicals of Interest
      • Chemical Security Assessment Tool
        • CSAT SSP Revisions
        • CSAT Top-Screen Tips
        • CSAT Top-Screen
        • CSAT SVA and SSP
        • CSAT SSP Submission Tips
      • CFATS Process
        • CFATS Personnel Surety Program
        • CFATS Tiering Methodology
        • CFATS Covered Chemical Facilities
        • Chemical-terrorism Vulnerability Information
          • CVI Authorized User Training
          • Disclosure of CVI
          • Evaluating Need to Know for CVI
        • CFATS Expedited Approval Program
        • CFATS: Cyber Reporting
      • CFATS Resources
        • Request a CFATS Presentation
        • Request a Compliance Assistance Visit
      • CFATS Monthly Statistics
      • Report a CFATS Violation
    • Ammonium Nitrate Security Program
      • AN Security Statutes and Regulations
    • Chemical Sector Security Events
      • Chemical Security Summit
      • Chemical Sector Regional Events
    • Chemical Sector Resources
      • Chemical Sector Council Partners
      • Chemical Sector Partnerships
      • Chemical Sector Publications
      • Chemical Sector Regulatory Authorities
      • Safety and Security for Small and Midsize Chemical Facilities
  • Critical Infrastructure Sector Partnerships
    • Critical Infrastructure Partnerships and Information Sharing
    • Critical Manufacturing Sector Resources
      • Critical Manufacturing Sector Training
    • Government Coordinating Councils
    • Sector Coordinating Councils
    • State, Local, Tribal, and Territorial Government Coordinating Council
  • Critical Infrastructure Training
    • Chemical Sector Security Awareness Training Course
    • Chemical Sector Training
    • Commercial Facilities Training
    • Critical Infrastructure Learning Series
    • Dams Sector Training
    • Emergency Services Sector Training
      • Emergency Services Sector Active Shooter Workshop
      • Emergency Services Sector Resources
        • Emergency Services Sector Cybersecurity Initiative
        • Emergency Services Sector Information-Sharing Initiative
        • Emergency Services Sector Resilience Development Project
        • Emergency Services Sector – Continuity Planning Suite
    • Nuclear Sector Training
  • Critical Infrastructure Vulnerability Assessments
    • Assist Visits
    • Infrastructure Survey Tool
    • Infrastructure Visualization Platform
    • Protective Security Advisors
    • Regional Resiliency Assessment Program
  • Dams Sector Resources
    • Dams Sector Consequence-Based Top Screen
    • Dams Sector Publications
    • Dams Sector Suspicious Activity Reporting
    • HSIN-CI Dams Portal
  • IDR Program
  • Information Sharing: A Vital Resource
    • CISA Gateway
      • CISA Gateway Digital Library
      • CISA Gateway Map View
      • CISA Gateway Consolidated Help Desk
    • Homeland Security Information Network (HSIN)
    • Protected Critical Infrastructure Information Program
    • Suspicious Activity Reporting Tool
  • Insider Threat Mitigation
    • Defining Insider Threats
    • Detecting and Identifying Insider Threats
    • Assessing Insider Threats
    • Managing Insider Threats
    • Protect Assets
    • Cyber
    • Terrorism
    • Workplace Violence
    • Training & Awareness
      • Insider Threat Trailer and Video
    • Related Resources
  • International Critical Infrastructure Engagement
  • Hometown Security
    • Active Shooter Preparedness
      • Active Shooter Workshop Participant
      • First Responder
      • Human Resources or Security Professional
      • Private Citizen
        • Pathway to Violence Video
      • Active Shooter Workshop Participant
        • Options for Consideration Preparedness Video
        • Options for Consideration Active Shooter Preparedness Video - Portuguese
        • Options for Consideration Active Shooter Preparedness Video - Spanish
        • Active Shooter Emergency Action Plan Video
        • Emergency Action Planning Trailer
      • Translated Active Shooter Resources
      • Insider Threat Mitigation Resources
    • Employee Vigilance - Power of Hello
    • School Safety and Security
    • Connect, Plan, Train, Report
    • Tools and Resources
    • Faith Based Organizations
  • Supporting Policy and Doctrine
    • National Infrastructure Protection Plan
      • NIPP Security and Resilience Challenge

Emergency Communications

• Emergency Communications
  • Border Interoperability Demonstration Project
  • Emergency Communications Preparedness Center
    • REMCDP
  • Emergency Communications State, Local, Tribal, and Territorial Coordination
  • Statewide Communication Interoperability Plans
    • Statewide Interoperability Coordinators
  • National Emergency Communications Plan
    • NECP Webinars
  • International Cross Border Emergency Communications Efforts
  • National Security Telecom
    • About NSTAC
    • NSTAC Members
    • NSTAC Publications
    • NSTAC Publications Archive
    • NSTAC Meetings Resources
  • National Coordinating Center for Communications
  • SHARES
    • SHARES FAQ
    • SHARES Program Information
    • SHARES Coordination Network Operational Levels
    • Accessing SHARES
    • SHARES HF Interoperability Working Group
    • SHARES Interference Report
    • Contact SHARES
    • Resilient Power Working Group
  • Technical Assistance Program
  • Mobile Applications for Public Safety
  • Emergency Communications Coordination Program
  • Guidance Documents and Publications
  • National Coordinating Center for Communications
  • National Public Safety Telecommunicators Week
  • Priority Telecommunications Services (GETS/WPS/TSP)
    • About Priority Telecommunications Services
    • Contact Priority Telecommunications Services
    • Priority Telecommunications Services Enrollment/Management
  • Rural Emergency Medical Communications Demonstration Project (REMCDP)
  • Shared Communication Systems and Infrastructure
  • Tribal Emergency Communications Program

Stop Ransomware

• Stop Ransomware
  • Resources
    • Fact Sheets & Information
      • Conti Ransomware Healthcare Networks
      • Cyber Investigation Prep - General Audience (Handout)
      • FBI Cyber Investigative Response Key Considerations
      • FBI Flash: Increase in PYSA Ransomware Targeting Education Institutions
      • FBI Flash: Mamba Ransomware
      • FBI Private Industry Notification: Egregor Ransomware
      • FBI Public Service Announcement: Distance Learning
      • Joint Cybersecurity Advisory: Darkside Ransomware
      • Qbot/Qakbot Malware Report
      • Ryuk Variant Report
    • Ransomware 101
      • General Information
      • How Can I Protect Against Ransomware?
      • I've Been Hit By Ransomware!
      • Ransomware FAQs
    • Ransomware Guide
    • Services
      • Cyber Security Evaluation Tool (CSET®)
      • Elections Cyber Tabletop in a Box
    • Training
    • Webinars
    • Bad Practices
    • Campaigns
      • K-12 Resources
        • Cyber Threats to K-12 Remote Learning Education
        • Ransomware Reference Materials for K-12 School and School District IT Staff
        • Ransomware Reference Materials for Parents, Teachers and School Administrators
        • Ransomware Reference Materials for Students
      • Reduce the Risk of Ransomware Campaign
    • Sector Risk Management Agencies
      • Healthcare and Public Health Sector
        • CLOP Analyst Note
        • COVID-19 Cyber Threats Update
        • Conti Ransomware Analyst Note
        • Cybersecurity Perspectives: Healthcare and Public Health (HPH) Response to COVID-19
        • Domain-Based Message Authentication, Reporting, and Conformance (DMARC)
        • Multi-Factor Authentication (MFA)
        • NetWalker Ransomware
        • Ransomware Activity Targeting the Healthcare and Public Health Sector
        • Ransomware Cyber Awareness
        • Ransomware Threat Flyer
        • Spotlight Webinar - Ransomware
        • The Dark Web and Cyber Crime
        • TrickBot, Ryuk, and the HPH Sector
        • True Fighter, and RDP Access
  • Newsroom
  • Alerts
    • Official Alerts & Statements - CISA
    • Official Alerts & Statements - FBI
  • Report Ransomware
    • Contact Us

National Risk Management

• National Risk Management
  • Coronavirus
    • Emergency Communications Pandemic Guidelines
    • COVID-19 Recovery CTEP
    • COVID-19 Vaccine Rollout
    • Cybersecurity Resources for COVID-19
    • Frequently Referenced Contact Information for COVID-19
    • Telework Guidance and Resources
      • Telework Reference Materials for Non-Federal Organizations
      • Telework Reference Materials for the At-home Worker
      • Telework Reference Materials for the Federal Government
  • COVID-19 Disinformation Toolkit
  • NRMC Initiatives
  • NRMC Newsroom
  • NRMC Resources
  • 5G
  • Election Security
    • Crossfeed
    • Election Risk Profile Tool
    • Election Security Library
    • MDM Resource Library
    • Mis-, Dis-, Malinformation
    • Resilience Series Graphic Novels
    • Rumor Control
  • ICT Supply Chain
    • ICT SCRM Task Force
    • ICT SCRM Task Force Events
    • ICT Supply Chain Toolkit
    • Supply Chain Integrity Month
    • ICT Supply Chain Library
  • National Critical Functions
    • NCF Set
    • NCFs - Supply Water and Manage Wastewater
  • Pipeline Cybersecurity
    • PCI Resources Library
  • Position Navigation Timing
  • EMP GMD
  • National Infrastructure Simulation and Analysis Center
  • Systemic Cyber Risk Reduction

News & Media

• News & Media
  • CISA Newsroom
  • CISA Blog