Fact Sheets

Including first responders when developing an emergency plan and conducting exercises establishes relationships and helps ensure that chemical facilities have appropriate security measures in place in the event of a chemical incident.

Under CFATS, Tier 3 or 4 facilities may receive expedited approval of their Site Security Plan and enter directly into a regular cycle of compliance inspections.

CISA regions lead and support public and private sector partners in developing and maintaining secure and resilient infrastructure. Regional personnel work with critical infrastructure partners and communities at the regional, state, county, tribal, and local levels.  These fact sheets provide more information about each regions services and their contact information.

Under RBPS 10 - Monitoring, high-risk facilities must have measures to regularly inspect, test, maintain and calibrate communications and warning systems to ensure their reliability and promptly correct any deficiencies.

The Cybersecurity and Infrastructure Security Agency (CISA) leads the national effort to defend critical infrastructure against the threats of today, while working with partners across all levels of government and in the private sector to secure against the evolving risks of tomorrow.

Hospitals and healthcare facilities face a unique set of challenges in an active shooter incident. These incidents have no patterns in victim selection or method, creating an unpredictable and quickly evolving situation that can lead to loss of life and injury. Numerous factors associated with hospital and healthcare environments complicate traditional response to active shooter incidents, including the “duty-to-care”, also known as “duty-to-act”, commitment and the varying levels of patient mobility and patient special needs.

This factsheet communicates the Department’s legal authority under the Preventing Emerging Threats Act to counter credible threats from UAS to the safety or security of a covered facility or asset, ensure legal privacy protections, and educate the public on the future of DHS CUAS policy.

U.S. critical infrastructure relies on Information and Communications Technology (ICT)—defined by the National Institute of Standards and Technology as “the capture, storage, retrieval, processing, display, representation, presentation, organization, management, security, transfer, and interchange of data and information”—for daily operations and functionality. The Design, Development and Production, Distribution, Acquisition and Deployment, Maintenance, and Disposal phases of the ICT supply chain are susceptible to the malicious or inadvertent introduction of vulnerabilities such as malicious software and hardware; counterfeit components; and poor product designs, manufacturing processes, and maintenance procedures.