Fact Sheets

State, Local, Tribal & Territorial Indicators of Compromise Automation Pilot Fact Sheet

In 2019, CISA awarded a cooperative agreement to the Johns Hopkins University Applied Physics Laboratory (JHU/APL) to conduct a pilot project with State, Local, Tribal, and Territorial (SLTT) governments to enhance their cybersecurity defenses and rapidly respond to Indicators of Compromise (IOCs) through the development of Security Orchestration, Automation and Response (SOAR) workflows and guides. JHU/APL successfully conducted the pilot project with Arizona, Louisiana, Massachusetts, Texas, Maricopa County, and the Multi-State Information Sharing and Analysis Center.

Multi-factor authentication (MFA) 

Multi-factor authentication is a layered approach to securing data and applications where a system requires a user to present a combination of two or more credentials to verify a user’s identity for login. MFA increases security because even if one credential becomes compromised, unauthorized users will be unable to meet the second authentication requirement and will not be able to access the targeted physical space, computing device, network, or database. 

Domain-Based Message Authentication, Reporting and Conformance (DMARC) 

The DMARC product was created to call attention to an email authentication policy that protects against bad actors using fake email addresses disguised to look like legitimate emails from trusted sources. DMARC makes it easier for email senders and receivers to determine whether or not an email legitimately originated from the identified sender. Further, DMARC provides the user with instructions for handling the email if it is fraudulent. 

COVID-19 Checklist: Securing Your Business and Clinical IT 

CISA has created a cybersecurity checklist to assist healthcare delivery organization in mitigating vulnerabilities and protecting against malicious actors. Hospitals and healthcare facilities are facing cyber-attacks of varied sophistication, including criminal networks and nation states. Implementing these protocols, and instilling a culture of digital vigilance, will allow HDOs to focus on COVID vaccine and overall patient care priorities instead of the consequences of a cyber-incident. 

COVID-19 Vaccination Hesitancy within the Critical Infrastructure Workforce

The Risk to the Essential Critical Infrastructure Workforce

COVID-19 vaccination hesitancy within the critical infrastructure workforce represents a risk to our National Critical Functions and critical infrastructure companies and operations. Employers of workers within the critical infrastructure sectors are essential to reducing vaccine hesitancy within their workforce by becoming messengers of accurate, reliable, and timely information.

DHS OSAI-OBP Partnership Factsheet

The DHS Office of SAFETY Act Implementation (OSAI) and Office for Bombing Prevention (OBP) share a mutual DHS mission space: to help prepare venues, entities, and people to reduce risk and mitigate effects from large scale, catastrophic terrorist attacks by effectively using training and other integral layers of security to identify, detect, deter, respond to, or otherwise mitigate the impact or harm arising from an act of terrorism. OSAI and OBP have partnered to identify nationally accredited training products and services that meet the counter-terrorism needs of DHS stakeholders.