The Cybersecurity and Infrastructure Security Agency (CISA) deployed an industry-leading privileged access management (PAM) tool as part of its CDM implementation to transition the 30 disparate information systems it managed into a cohesive enterprise-wide approach. With this tool, CISA’s security operations team found an effective solution for the results they desired and gained visibility and enhanced security throughout their organization.
The Department of Health and Human Services (HHS) worked with CDM to quickly address heightened concern about pandemic-related data security by strengthening its cybersecurity threat intelligence and response mechanisms.
“The CDM program gave us every resource we needed to defend the department while working on a vaccine to help the American public.” – HHS CISO
The Small Business Administration (SBA) used CDM services and tools to quickly scale up and secure its IT infrastructure to deploy capabilities made possible through distribution of CARES Act funds and support economically-impacted business owners as the COVID-19 pandemic was gripping the nation.
CISA and the Pacific Northwest National Laboratory partnered to develop a series of educational cybersecurity games available on mobile devices for adults and children. Each game presents simulated cybersecurity threats, defenses, and response actions. The games are available for download on Android and Apple iOS devices.
CISA Issues Emergency Directive Requiring Federal Agencies to Mitigate Windows Print Spooler Service Vulnerability
CISA Encourages All Organizations to Take Steps to Protect their Networks
In 2019, CISA awarded a cooperative agreement to the Johns Hopkins University Applied Physics Laboratory (JHU/APL) to conduct a pilot project with State, Local, Tribal, and Territorial (SLTT) governments to enhance their cybersecurity defenses and rapidly respond to Indicators of Compromise (IOCs) through the development of Security Orchestration, Automation and Response (SOAR) workflows and guides. JHU/APL successfully conducted the pilot project with Arizona, Louisiana, Massachusetts, Texas, Maricopa County, and the Multi-State Information Sharing and Analysis Center.
CISA analyzes and maps—to the MITRE ATT&CK® framework—the findings from the Risk and Vulnerability Assessments (RVA) we conduct each fiscal year (FY). These analyses include: