State, Local, Tribal, and Territorial Authorities, Government, and First Responders


State, Local, Tribal, and Territorial Authorities, Government, and First RespondersThese resources provide information to help first responders, and state, local, tribal, and territorial (SLTT) governments protect themselves from a variety of CISA-identified threats. This includes tools, trainings, informational materials, and additional resources to prevent, protect against, respond to, and mitigate security incidents.

 

Everybody

Businesses and Critical Infrastructure

SLTT Schools Houses of Worship

 

 

 

 

Business Continuity and Preparedness

Workshop, Exercises   CISA Tabletop Exercise Packages
   CISA has an extensive scenario library and ready-to-use exercise packages—known as CISA Tabletop Exercise Packages (CTEPs). Each CTEP is customizable and includes template exercise objectives, scenarios, and discussion questions, as well as a collection of references and resources. Available scenarios cover a broad array of cybersecurity and physical security topics such as ransomware, election security, industrial control systems, pandemic, vehicle ramming, insider threat, active assailant, small unmanned aircraft systems (sUAS), and natural disasters.

Link: cisa.gov/critical-infrastructure-exercises 

Guide   Convergence Action Guide
   CISA defines convergence as formal collaboration between previously disjointed security functions. This guide describes the risks associated with siloed security functions, benefits of convergence, a flexible framework for aligning security functions, and several case studies.

Link: cisa.gov/cybersecurity-and-physical-security-convergence 

Informational Material   COVID-19 Vaccine Distribution Physical Security Measures
   Organizations involved in the development and distribution of the COVID-19 vaccine should take proactive measures to enhance their overall physical security posture. To achieve secure and resilient vaccine distribution, workers within the supply chain and vaccine recipients should use available resources to assess suggested mitigation methods against physical security attacks. To help meet this need, CISA created the COVID-19 Vaccine Distribution Physical Security Measures infographic. This product provides a list of physical security resources available to the public to help facility owners and operators enhance physical security to protect workers and individuals.

Link: cisa.gov/publication/covid-19-vaccine-distribution-physical-security-measures 

Workshop and Exercises   CISA Tabletop Exercise Packages Training Workshop
   CISA Exercises hosts monthly workshops to provide an overview of the CISA Tabletop Exercise Packages (CTEPs) and assists partners in using the CTEPs in their organizations. The workshops provide an opportunity for stakeholders to ask questions and provide feedback on the CTEPs, as well as learn more about the variety of CTEPs available.

Link: cisa.gov/critical-infrastructure-exercises

Workshops, Exercises, In Person, and Online Training   Stakeholder Exercise Planning and Conduct
   CISA Exercises uses the Homeland Security Exercise and Evaluation Program (HSEEP) methodology to design, develop, conduct, and evaluate exercises ranging from small-scale, limited-scope, discussion-based exercises (e.g., two-hour seminars) to large-scale, internationally-scoped, operations-based exercises (e.g., multi-day, full-scale exercises).

Link: cisa.gov/critical-infrastructure-exercises

Additional DHS Resources:

In Person and Online Training   FEMA Center for Domestic Preparedness
   The FEMA Center for Domestic Preparedness (CDP) provides advanced, all-hazards training to approximately 50,000 emergency responders annually from state, local, tribal, and territorial governments, as well as the federal government, foreign governments, and private entities. The scope of training includes preparedness, protection, and response.

Link: cdp.dhs.gov

In Person and Online Training   FEMA Emergency Management Institute
   The FEMA Emergency Management Institute (EMI) is the flagship training institution for the emergency management community and provides training to federal, state, local, tribal, volunteer, public, and private sector officials to strengthen core competencies for professional, career-long training.

Link: training.fema.gov/emi.aspx

Website   Homeland Security Information Network-Critical Infrastructure
   The Homeland Security Information Network (HSIN) serves as the primary information sharing platform between critical infrastructure sector stakeholders and government. HSIN-Critical Infrastructure (HSIN-CI) enables federal, state, local, and private sector critical infrastructure owners and operators to communicate, coordinate, and share sensitive and sector-relevant information to protect critical assets, systems, functions, and networks.

Link: dhs.gov/hsin-critical-infrastructure

CISA Regional Services

Informational Materials  Assist Visits
  This service helps critical infrastructure owners and operators understand their role and function in the broader critical infrastructure sector. Protective Security Advisors (PSAs) conduct these visits with critical infrastructure facility representatives to help build relationships and enhance communication.

Link: cisa.gov/assist-visits

Fact Sheet   CISA Regional Office Fact Sheets
   CISA Regional Offices, located throughout the U.S., deliver trainings, exercises, programs, and other resources to critical infrastructure owners and operators.

Link: cisa.gov/publication/cisa-regional-office-fact-sheets

Tool   Cybersecurity Advisors
   Cybersecurity Advisors (CSAs) offer assistance to help prepare and protect private sector entities and state, local, tribal and territorial (SLTT) governments from cybersecurity threats. CSAs promote cybersecurity preparedness, risk mitigation, and incident response capabilities, working to engage stakeholders through partnership and direct assistance activities.

Link: cisa.gov/stakeholder-risk-assessment-and-mitigation

Tool  Infrastructure Survey Tool
  Protective Security Advisors (PSAs) conduct this voluntary, web-based security survey with facility owners and operators to identify and document a facility's overall security and resilience.

Link: cisa.gov/infrastructure-survey-tool

Tool   Infrastructure Visualization Platform
   This platform supports critical infrastructure security and response operations by integrating high-resolution, interactive data, as well as additional assessment information.

Link: cisa.gov/infrastructure-visualization-platform

Tool   Protective Security Advisors
   Protective Security Advisors (PSAs) engage with federal, state, local, tribal, and territorial (FSLTT) government partners, businesses, and critical infrastructure owners and operators in their regions to offer steady-state DHS risk mitigation tools, products, and services. PSAs also support National Special Security Events (NSSEs) and Special Event Assessment Rating (SEAR) events; assist with responses to all-hazard incidents through field-level coordination and information sharing; and provide expertise on reconstituting affected critical infrastructure.

Link: cisa.gov/protective-security-advisors

Tool   Security Assessment at First Entry
   The Security Assessment at First Entry (SAFE) tool is designed to help facility owners and operators evaluate current physical and operational security practices and explore opportunities to protect against threats. These assessments are conducted by Protective Security Advisors (PSAs) and provide a high-level review of the security posture and mitigation options for a facility.

Link: cisa.gov/cisa-regions

Election Security

Guide   Election Security Checklists and Guides
   These checklists and guides are developed to help state and local officials safeguard election systems. These publications include incident handling, protecting against ransomware, and securing voter registration data, in addition to other resources.

Link: cisa.gov/publication/election-security-checklists-guides

Tool   Election Security Resource Library
   This library provides state and local governments, election officials, campaigns, the vendor community, and voters with voluntary tools to secure election-related assets, facilities, networks, and systems from cyber and physical threats.

Link: cisa.gov/election-security-library

Informational Materials   Physical Security of Voting Locations and Election Facilities
   This is a general guide with resources and four actionable steps to – Connect, Plan, Train, and Report – that election officials should consider to improve physical security and enhance resilience of election operations.

Link: cisa.gov/publication/physical-security-voting-locations

Website   #Protect2020
   This was an outreach campaign to build trust and expertise while broadening state and local cybersecurity and physical security risk management efforts. CISA collaborated with officials across 8,000 election jurisdictions nationwide throughout the 2020 election season. CISA’s #Protect2020 efforts included engaging political campaigns, political parties, and political committees.

Link: cisa.gov/protect2020

Identify Suspicious Behavior

Fact Sheet   Fact Sheet – Insider Threat Mitigation Program
   This fact sheet provides resources to help organizations design a comprehensive program that protects against insider threats.

Link: cisa.gov/publication/fact-sheet-insider-threat-mitigation-program

Website   Insider Threat Mitigation Web Page
   This web page explains ways to help organizations detect, assess, and manage insider threats before it can threaten the workforce.

Link: cisa.gov/insider-threat-mitigation

Informational Materials   Recognize Suspicious Small Unmanned Aircraft Systems Poster and Postcard
   This poster and postcard explain how small unmanned aircraft systems (sUAS) are used for a range of tactical and recreational purposes, but can also be used to cause serious harm to individuals and infrastructure.

Link: cisa.gov/publication/recognize-suspicious-unmanned-aircraft-systems-uas-poster-and-postcard

Informational Materials   Suspicious Behavior Advisory Posters
   These resources help businesses, first responders, and local governments identify suspicious activities and behaviors to prevent the illicit sale of explosive precursor chemicals and components. The posters are available under the Suspicious Activities and Bomb Threats – What to Do section of the TRIPwire website.

Link: cisa.gov/tripwire

Prepare and Respond to Active Assailants

Guide   Active Shooter Recovery Guide
   This guide provides information on establishing a recovery process and outlines the necessary actions for short-term and long-term recovery following an active shooter incident.

Link: cisa.gov/publication/active-shooter-recovery-guide

Guide and Tool   Emergency Services Sector Active Shooter Resource Guide
   This guide helps emergency services personnel collaborate within communities to develop an Active Shooter Program. It highlights resources and planning considerations to enhance community planning and preparedness for active shooter incidents.

Link: cisa.gov/publication/emergency-services-sector-active-shooter-guide

Guide   Mass Gatherings – Security Awareness for Soft Targets and Crowded Places
   This guide identifies how businesses can prepare for and mitigate future attacks, including recommended protective measures and actions to consider.

Link: cisa.gov/publication/active-assailant-security-resources

Guide   Planning and Response to an Active Shooter: An Interagency Security Committee Policy and Best Practices Guide
   This guide includes information and best practices for federal agencies that can also be applied more broadly in any active shooter situation.

Link: cisa.gov/publication/isc-planning-and-response-active-shooter-guide

Prevent and Respond to Bombings

Website   Bomb-Making Materials Awareness Program
   The Bomb-Making Materials Awareness Program (BMAP) is designed to promote bomb-making materials (BMM) awareness and reporting of suspicious activity to prevent the intentional misuse of common consumer goods to make improvised explosive devices (IEDs).

Link: cisa.gov/bmap

Informational Materials   Bombing Prevention Lanyard Cards
   These quick reference lanyard cards provide key reminders and actions related to bombing prevention, including recommended actions during a bombing incident.

Link: cisa.gov/tripwire

In person, online training   Counter-Improvised Explosive Devices Training Courses
   These courses provide general information and strategies to prevent, protect against, respond to, and mitigate bombing incidents. To request direct delivery trainings, please contact your local Protective Security Advisor (PSA) or email OBP@cisa.dhs.gov. For more information or a full list of counter-improvised explosive devices (C-IED) and Risk Mitigation trainings, visit the C-IED Training Courses Website or the C-IED and Risk Mitigation Training Fact Sheet.

Link: cisa.gov/bombing-prevention-training-courses

Guide   DHS-Department of Justice Bomb Threat Guidance
   This quick reference guide provides information on threat preparation, threat assessment considerations, staff response guidelines, and evacuation and shelter-in-place considerations.

Link: cisa.gov/publication/dhs-doj-bomb-threat-guidance

Workshop, Exercises, Fact Sheet   Multi-Jurisdiction Improvised Explosive Device Security Planning
   This program helps communities identify roles, responsibilities, and capability gaps, as well as optimize limited resources within a multi-jurisdictional planning area. The Multi-Jurisdiction Improvised Explosive Device Security Planning (MJIEDSP) process coordinates with area stakeholders to conduct briefings, trainings, data collection activities, and facilitated scenario-based workshops.

Link: cisa.gov/mjiedsp

Tool   National Counter-Improvised Explosive Device Capabilities Analysis Database
   This assessment program uses a consistent and repeatable methodology to assess and analyze units with counter-improvised explosive devices (C-IED) missions. National C-IED Capabilities Analysis Database (NCCAD) assessments measure capabilities and identify gaps across personnel, organization, equipment, training, and exercises required for effective prevention, protection, and response to IED threats.

Link: cisa.gov/nccad

Guide   Security and Resiliency Guide: Counter-Improvised Explosive Device Concepts, Common Goals, and Available Assistance
   This guide and corresponding annexes provide individuals, businesses, first responders, and law enforcement with guidance to enhance preparedness for potential improvised explosive device (IED) incidents in their communities. The guide includes risk information, a framework of 10 common counter-IED (C-IED) preparedness goals, planning considerations, and available federal resources. It is complemented by five annexes with additional information relevant to venues at high risk for IED-related incidents, such as lodging, outdoor events, public assembly, and sports leagues and venues.

Link: cisa.gov/publication/security-and-resiliency-guide-and-annexes

Video and Website   TRIPwire Website
   CISA’s Office for Bombing Prevention (OBP) developed and maintains TRIPwire, the DHS Technical Resource for Incident Prevention. It serves as a 24/7 collaborative information-sharing network for bomb squads, first responders, military personnel, government officials, intelligence analysts, and security professionals. TRIPwire combines expert analyses and reports with relevant documents, images, and videos gathered directly from terrorist source materials to help users anticipate, identify, and prevent Improvised Explosive Device (IED) incidents. The site requires registration to access information or partners can log in using a HSIN account.

Link: cisa.gov/tripwire

Video   What to Do – Bomb Threat: Bomb Threat Training Video
   This video, developed in partnership with the University of Central Florida and International Association of Chiefs of Police, demonstrates what to do in the event of a phoned-in bomb threat.

Link: cisa.gov/what-to-do-bomb-threat

Video   What to Do – Training Video Series
   This training video series (TVS) communicates threats posed by and how to react to improvised explosive devices (IEDs). This includes videos on suspicious vs. unattended items, bomb searches, surviving a bombing attack, and bomb threats.

Link: tripwire.dhs.gov/training-video-series

Protect Against Small Unmanned Aircraft Systems

Guide   Cybersecurity Best Practices for Operating Commercial Small Unmanned Aircraft Systems
   This guide provides cybersecurity best practices to help commercial operators protect their networks, information, and personnel. Critical infrastructure operators, law enforcement, and all levels of government are increasingly incorporating small unmanned aircraft systems (sUAS) into their operational functions. Although sUAS offer benefits to their operators, they can also pose cybersecurity risks.

Link: cisa.gov/publication/cybersecurity-best-practices-operating-commercial-unmanned-aircraft-systems

Guide   Protecting Against the Threat of Small Unmanned Aircraft Systems: An Interagency Security Committee Best Practice
   This document outlines awareness and mitigation measures for federal departments and agencies to protect against malicious small unmanned aircraft systems (sUAS) operations.

Link: cisa.gov/publication/protecting-against-threat-unmanned-aircraft-systems

Guide   Responding to Drone Calls: Guidance for Emergency Communications Centers
   This guide provides an overview of safe and unsafe drone flight and a recommended script that Emergency Communications Centers (ECCs) may follow when responding to drone related calls.   

Link: cisa.gov/publication/responding-drone-calls-guidance-emergency-communications-centers

Video   Small Unmanned Aircraft Systems and Critical Infrastructure – Understanding the Risk Video
   This video provides information on critical infrastructure challenges associated with small unmanned aircraft systems (sUAS), counter-UAS security practices, actions to consider for risk mitigation, and specific preparedness efforts for facilities and organizations. It can be found under the sUAS and Critical Infrastructure – Understanding the Risk tab.

Link: cisa.gov/uas-critical-infrastructure

Fact Sheet   Small Unmanned Aircraft Systems: Addressing Critical Infrastructure Security Challenges
   This fact sheet provides an overview of small unmanned aircraft systems (sUAS) threats and actions owners and operators can take to protect their facilities.

Link: cisa.gov/publication/uas-fact-sheets

Guide   Small Unmanned Aircraft Systems: Considerations for Law Enforcement Action
   This guide provides an overview of small unmanned aircraft systems (sUAS), legal and operational considerations for law enforcement, and a list of additional resources.

Link: cisa.gov/uas-law-enforcement

Guide   Indicators of Suspicious Small Unmanned Aircraft Systems
   This reference aid, provided through the Office for Bombing Prevention (OBP), aims to enhance situational awareness for those who may encounter a suspicious small unmanned aircraft systems (sUAS). The document can be found under OBP's Open Source Intelligence (OSINT) Team’s Emergency Responder Note (ERN) on TRIPwire.

Link: cisa.gov/tripwire

Protect, Screen, and Allow Access to Facilities and Venues

Guide   Armed Contract Security Officers in Federal Facilities: An Interagency Security Committee Best Practice 2019
   This Interagency Security Committee (ISC) resource recommends a set of minimum standards for armed contract security officers assigned to U.S. buildings and facilities occupied by federal employees for nonmilitary activities.

Link: cisa.gov/isc-policies-standards-best-practices

Guide   Best Practices for Managing Mail Screening and Handling Processes: A Guide for the Public and Private Sectors
   This guide provides mail center security personnel with a framework for understanding and mitigating organizational risks linked to mail and packages they receive and deliver.

Link: cisa.gov/publication/isc-mail-handling-non-fouo

Tool   Crisis Event Response and Recovery Access Framework
   The Crisis Event Response and Recovery Access (CERRA) framework provides guidance and recommendations for state, local, tribal, and territorial (SLTT) authorities on planning and developing an access management program. It includes mechanisms, tools, processes, and approaches for coordinating, approving, and enabling access during response and recovery operations.

Link: cisa.gov/publication/crisis-event-response-and-recovery-access

Guide   Dams Sector Active and Passive Vehicle Barriers Guide
   This guide assists dam owners and operators in understanding various types of active and passive vehicle barriers and how to incorporate them into their overall security plan. It also provides technical information to assist owners and operators in properly designing protective schemes and selecting vehicle barriers and their safety and security systems.

Link: cisa.gov/publication/dams-vehicle-barriers-guide

Online Training   Facility Security Committees
   This web-based training course provides federal personnel with an overview of Facility Security Committees (FSCs), including members, roles and responsibilities, and policies and procedures for operations and decision-making.

Link: training.fema.gov/is/courseoverview.aspx?code=IS-1174

Online Training   Levels of Protection and Application of the Design-Basis Threat
   This For Official Use Only (FOUO) course informs federal personnel of security-related policies, programs, projects, and operations for their department or agency and the process to determine the facility security level (FSL) for a federal facility.

Link: training.fema.gov/is/courseoverview.aspx?code=IS-1173

Guide, Informational Materials, Tool   Interagency Security Committee Resources
   These Interagency Security Committee (ISC) resources support and enhance security for federal, nonmilitary facilities. Many ISC policies, standards, and best practices can be applied to other venue and facility types.

Link: cisa.gov/isc

Online Training   Introduction to the Interagency Security Committee
   This web-based training course provides an overview of the Interagency Security Committee (ISC) history, mission, and organization. The training also reviews the ISC Risk Management Process (RMP).

Link: training.fema.gov/is/courseoverview.aspx?code=is-1170

Guide   Occupant Emergency Programs: An Interagency Security Committee Guide
   This guide helps department and agency security planners develop and review Occupant Emergency Programs for the safety and security of employees and visitors.

Link: cisa.gov/publication/isc-occupant-emergency-programs-guide

Online Training   Overview of Interagency Security Committee Publications
   This web-based training course provides an overview of Interagency Security Committee (ISC) facility security standards and policies and other documents that support the ISC Risk Management Process (RMP).

Link: training.fema.gov/is/courseoverview.aspx?code=IS-1171

Guide   Risk Management Process for Federal Facilities – An Interagency Security Committee Standard
​   This guide defines the criteria and processes facility security personnel should use to determine facility security level (FSL) and provides an integrated, single source of physical security countermeasures for all federal facilities.

Link: cisa.gov/publication/isc-risk-management-process

Online Training   Risk Management Process for Federal Facilities – Facility Security Level Determination
   This web-based training provides federal personnel with responsibilities for security-related policies, programs, projects, and operations for their department or agency with an overview of the process to determine facility security level (FSL).

Link: training.fema.gov/is/courseoverview.aspx?code=IS-1172

Guide   The Risk Management Process for Federal Facilities: An Interagency Security Committee Standard, Appendix A: The Design-Basis Threat Report
   This 2020 report is an estimate of threats with impacts to federal facilities.

Link: cisa.gov/publication/isc-risk-management-process

Guide   The Risk Management Process for Federal Facilities: An Interagency Security Committee Standard, Appendix B: Countermeasures
   This For Official Use Only (FOUO) report establishes a baseline set of physical security countermeasures for all federal facilities based on the designated facility security level (FSL). These countermeasures provide comprehensive solutions under six criteria of physical security.

Link: cisa.gov/publication/isc-risk-management-process

Tool   The Risk Management Process for Federal Facilities: An Interagency Security Committee Standard, Appendix C: Child-Care Center Level of Protection     Template
   This template specifies the customized level of protection (LOP) for a child-care center (CCC). It also offers implementation guidance for five potential scenarios, each detailing the relationship between the CCC and other federal facilities.

Link: cisa.gov/publication/isc-risk-management-process

Guide, Video   Vehicle-Borne Improvised Explosive Device Identification Guide and Video
   This guide is designed for stakeholders tasked with identifying suspected vehicle-borne improvised explosive devices (VBIEDs) and provides instruction for vehicle search techniques for law enforcement, bomb squads, hazardous materials (HAZMAT) teams, and other emergency and security personnel. The Vehicle Inspection Guide, Vehicle Inspection Video, and VBIED Identification Guide are all available to registered users on TRIPwire.

Link: cisa.gov/tripwire

Additional DHS Resources:

Informational Materials   Homeland Security Grants
   This site provides information on FEMA preparedness grants for state, local, tribal, and territorial (SLTT) governments in the form of non-disaster grants. These funds help grantees develop and sustain capabilities at the SLTT levels across the Nation's highest-risk transit systems, ports, and borders to prevent, protect against, respond to, recover from, and mitigate incidents linked to terrorism and other emergencies.

Link: fema.gov/grants/preparedness/homeland-security

Safeguard and Secure Cyberspace

Informational Materials   Avoiding Social Engineering and Phishing Attacks Security Tip
   This security tip describes social engineering tactics, techniques, and procedures linked to cyber criminals. It also details common indicators related to social engineering attacks and how to avoid falling for these methods.

Link: us-cert.cisa.gov/ncas/tips/ST04-014

Informational Materials   CISA Community Webinars
   These cybersecurity webinars provide information on cyber risk management practices, tools, and procedures. Past webinars have focused on COVID-19 Response: Lessons Learned on Cybersecurity and Resilience in a Pandemic; Smart Cities; and 5G: Security and Vulnerabilities.

Link: us-cert.cisa.gov/resources/events

Guide   CISA Cyber Essentials
   This campaign is for small businesses and local government agencies to understand and address cybersecurity risk. Cyber Essentials includes two parts – guiding principles to develop security culture and specific actions for leaders and IT professionals.

Link: cisa.gov/publication/cisa-cyber-essentials

Tool   Cyber Resource Hub
   This site provides cybersecurity assessments that evaluate operational resilience, cybersecurity practices, organizational management of external dependencies, and other elements that comprise a robust cybersecurity strategy.

Link: cisa.gov/cyber-resource-hub

Guide   Cybersecurity Resources Road Map: A Guide for Critical Infrastructure – Small and Midsize Businesses
   This guide helps businesses identify cybersecurity resources that best align with their needs.

Link: us-cert.cisa.gov/resources/smb

Online Training, Tool   Federal Virtual Training Environment
   The Federal Virtual Training Environment (FedVTE) provides free online cybersecurity training to federal, state, local, tribal, and territorial government employees, federal contractors, and U.S. military veterans. Courses range from beginner to advanced levels and are mapped to the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework.

Link: fedvte.usalearning.gov

Was this webpage helpful?  Yes  |  Somewhat  |  No