Fact Sheets

State, Local, Tribal & Territorial Indicators of Compromise Automation Pilot Fact Sheet

In 2019, CISA awarded a cooperative agreement to the Johns Hopkins University Applied Physics Laboratory (JHU/APL) to conduct a pilot project with State, Local, Tribal, and Territorial (SLTT) governments to enhance their cybersecurity defenses and rapidly respond to Indicators of Compromise (IOCs) through the development of Security Orchestration, Automation and Response (SOAR) workflows and guides. JHU/APL successfully conducted the pilot project with Arizona, Louisiana, Massachusetts, Texas, Maricopa County, and the Multi-State Information Sharing and Analysis Center.

Multi-factor authentication (MFA) 

Multi-factor authentication is a layered approach to securing data and applications where a system requires a user to present a combination of two or more credentials to verify a user’s identity for login. MFA increases security because even if one credential becomes compromised, unauthorized users will be unable to meet the second authentication requirement and will not be able to access the targeted physical space, computing device, network, or database. 

Domain-Based Message Authentication, Reporting and Conformance (DMARC) 

The DMARC product was created to call attention to an email authentication policy that protects against bad actors using fake email addresses disguised to look like legitimate emails from trusted sources. DMARC makes it easier for email senders and receivers to determine whether or not an email legitimately originated from the identified sender. Further, DMARC provides the user with instructions for handling the email if it is fraudulent. 

COVID-19 Checklist: Securing Your Business and Clinical IT 

CISA has created a cybersecurity checklist to assist healthcare delivery organization in mitigating vulnerabilities and protecting against malicious actors. Hospitals and healthcare facilities are facing cyber-attacks of varied sophistication, including criminal networks and nation states. Implementing these protocols, and instilling a culture of digital vigilance, will allow HDOs to focus on COVID vaccine and overall patient care priorities instead of the consequences of a cyber-incident. 

DHS OSAI-OBP Partnership Factsheet

The DHS Office of SAFETY Act Implementation (OSAI) and Office for Bombing Prevention (OBP) share a mutual DHS mission space: to help prepare venues, entities, and people to reduce risk and mitigate effects from large scale, catastrophic terrorist attacks by effectively using training and other integral layers of security to identify, detect, deter, respond to, or otherwise mitigate the impact or harm arising from an act of terrorism. OSAI and OBP have partnered to identify nationally accredited training products and services that meet the counter-terrorism needs of DHS stakeholders.

Unauthorized Drone Activity Over Sporting Venues

The Cybersecurity and Infrastructure Security Agency's (CISA) Unauthorized Drone Activity Over Sporting Venues presents options for sporting venue owners and operators to consider to prevent, protect from, and respond to unauthorized drone activity. CISA encourages sporting venue owners and operators to take proactive measures to enhance their security posture. Most instances of unauthorized drone operations near sporting venues are likely fans seeking real-time game footage.

DDoS Attacks on Election Infrastructure Can Hinder Access to Voting Information, Would Not Prevent Voting

The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) are issuing this announcement to raise awareness that Distributed Denial of Service (DDoS) attacks on election infrastructure can hinder access to voting information but would not prevent voting.