A Risk-based Approach to National Cybersecurity
Authored By: Bob Kolasky, CISA Assistant Director for the National Risk Management Center
Infrastructure Security
Systemic Cyber Risk Reduction
Working with government and industry partners, CISA’s National Risk Management Center is adding analytic rigor to the ability for organizations to quantify cyber risk impact for cybersecurity measures they have in place in order to develop actionable metrics, and use this information to reduce shared risk to the Nation’s security and economic security.
Personal Security Considerations
The CISA Personal Security Considerations fact sheet encourages critical infrastructure owners and their personnel to remain vigilant and report suspicious behavior that individuals may exhibit in order to thwart an attack. It also contains several easily implementable security measures that can mitigate threats to personal safety.
2020 Chemical Security Seminar Presentations
Select presentations from the virtual 2020 Chemical Security Seminars held in December 2020.
COVID-19 Vaccine Distribution Physical Security Measures
Organizations involved in the development and distribution of the COVID-19 vaccine should take proactive measures to enhance their overall physical security posture. To achieve secure and resilient vaccine distribution, workers along the supply chain and vaccine recipients should use available resources to assess suggested mitigation methods against physical security attacks. To help meet this need, CISA created the COVID-19 Vaccine Distribution Physical Security Measures infographic.
Cybersecurity and Physical Security Convergence
The adoption and integration of Internet of Things (IoT) and Industrial Internet of Things (IIoT) devices has led to an increasingly interconnected mesh of cyber-physical systems (CPS), which expands the attack surface and blurs the once clear functions of cybersecurity and physical security.
A successful cyber or physical attack on industrial control systems and networks can disrupt operations or even deny critical services to society.
Cybersecurity and Physical Security Convergence
The Cybersecurity and Infrastructure Security Convergence Action Guide describes the complex threat environment created by increasingly interconnected cyber-physical systems, and the impacts that this interconnectivity has on an organization’s cybersecurity and physical security functions. It also provides information that organizations can consider to adopt a holistic cyber-physical security approach through a flexible framework.
CISA, NASCAR, Daytona International Speedway and Local Partners Conduct Joint Exercise to Keep DAYTONA 500 Fans Safe
DAYTONA BEACH, Fla. – The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA), NASCAR, the Daytona International Speedway, state and local first responders, law enforcement officials, and local businesses held a tabletop exercise today to test response plans around hypothetical public safety incidents on the day of the DAYTONA 500.
Last Published Date: January 6, 2021
CISA Releases ICT Supply Chain Risk Management Task Force Year 2 Report
Today, the Cybersecurity and Infrastructure Security Agency (CISA) and government and industry members of the Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force released an annual report on its progress to advance meaningful partnerships and analysis around supply chain security and resilience.
Last Published Date: December 17, 2020
ICT SCRM Task Force Year Two Report
This report provides an update on the ICT Supply Chain Risk Management (SCRM) Task Force’s progress in Year Two to advance meaningful partnerships and analysis around supply chain security and resilience. The report summarizes the work of the Task Force’s five working groups to address challenges to information sharing, threat analysis, qualified bidder and qualified manufacturer lists, vendor assurance, and impacts of the COVID-19 pandemic on ICT supply chains.
Return to ICT Supply Chain Risk Management.