This flyer provides information on CISA's cyber and physical trainings and exercise services to enhance security and resilience of election infrastructure. The no-cost trainings typically run 30-90 minutes each and are available both in-person and virtually on topics such as election security best practices to build trust, ransomware, and phishing.
Return to Election Infrastructure Security.
The ICT Supply Chain Risk Management (SCRM) Task Force Small and Medium-sized Businesses (SMB) Working Group (WG) was created with the purpose of tailoring Task Force products to make them more applicable to SMBs which may find it difficult to institutionalize federal supply chain guidance due to limited finances, resources, and employees.
The ICT Supply Chain Risk Management (SCRM) Task Force Information Sharing Working Group (WG1) was created with the purpose of providing considerations about improving the sharing of supply chain risk information (SCRI) among the federal government and private industry to help mitigate threats to the nation’s ICT supply chain.
This fact sheet provides an overview of the Systemic Cyber Risk Reduction Venture and the importance of a risk-based approach to national cybersecurity.
Download and share this printer-friendly resource. Return to Systemic Cyber Risk Reduction Venture.
This CISA Insights provides a framework that government and private sector organizations (to include small and medium-sized businesses) outsourcing some level of IT support to MSPs can use to better mitigate against third-party risk.
This fact sheet explains the importance for election officials to sign up for a .gov domain. Election officials continue to combat false and misleading election information, making it increasingly difficult to identify trusted sources of information. As the Agency that oversees the .gov top-level domain, CISA provides .gov domains for election offices to help the public quickly identify accurate election information.
Return to Election Security.
Chain of custody is a complex process. Often associated with the preservation of evidence for law enforcement, chain of custody also plays an important role in security and risk mitigation for critical infrastructure sectors and their assets. Without secure chain of custody practices, critical infrastructure systems and assets could be unknowingly accessed and manipulated by threat actors. The integrity of critical infrastructure assets and systems could also be questioned, with the inability of critical infrastructure owners and operators to prove otherwise.