Skip to main content
U.S. flag

An official website of the United States government

Here’s how you know

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

HTTPS

Secure .gov websites use HTTPS
A lock (LockA locked padlock) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cybersecurity & Infrastructure Security Agency
America's Cyber Defense Agency

Search

 
 
  • Topics
    Cybersecurity Best Practices
    Cyber Threats and Advisories
    Critical Infrastructure Security and Resilience
    Election Security
    Emergency Communications
    Industrial Control Systems
    Information and Communications Technology Supply Chain Security
    Partnerships and Collaboration
    Physical Security
    Risk Management
    How can we help?
    GovernmentEducational InstitutionsIndustryState, Local, Tribal, and TerritorialIndividuals and FamiliesSmall and Medium BusinessesFind Help Locally
  • Spotlight
  • Resources & Tools
    All Resources & Tools
    Services
    Programs
    Resources
    Training
    Groups
  • News & Events
    News
    Events
    Cybersecurity Alerts & Advisories
    Directives
    Request a CISA Speaker
    Congressional Testimony
  • Careers
    Benefits & Perks
    HireVue Applicant Reasonable Accommodations Process
    Hiring
    Resume & Application Tips
    Students & Recent Graduates
    Veteran and Military Spouses
    Work @ CISA
  • About
    Culture
    Divisions & Offices
    Regions
    Leadership
    Doing Business with CISA
    Contact Us
    Site Links
    Reporting Employee and Contractor Misconduct
    CISA GitHub
Report a Cyber Issue
America's Cyber Defense Agency
Breadcrumb
  1. Home
  2. Topics
Share:
Cybersecurity image featuring locks

Cybersecurity Best Practices

CISA provides information on cybersecurity best practices to help individuals and organizations implement preventative measures and manage cyber risks.

Cybersecurity Best Practices

  • Organizations and Cyber Safety
  • Identify Theft and Personal Cyber Threats
  • CISA Director Easterly Remarks at Carnegie Mellon University

Overview

Cyberspace is particularly difficult to secure due to a number of factors: the ability of malicious actors to operate from anywhere in the world, the linkages between cyberspace and physical systems, and the difficulty of reducing vulnerabilities and consequences in complex cyber networks. Implementing safe cybersecurity best practices is important for individuals as well as organizations of all sizes. Using strong passwords, updating your software, thinking before you click on suspicious links, and turning on multi-factor authentication are the basics of what we call “cyber hygiene” and will drastically improve your online safety. These cybersecurity basics apply to both individuals and organizations. For both government and private entities, developing and implementing tailored cybersecurity plans and processes is key to protecting and maintaining business operations. As information technology becomes increasingly integrated with all aspects of our society, there is increased risk for wide scale or high-consequence events that could cause harm or disrupt services upon which our economy and the daily lives of millions of Americans depend.

CISA’s Role

In light of the risk and potential consequences of cyber events, CISA strengthens the security and resilience of cyberspace, an important homeland security mission. CISA offers a range of cybersecurity services and resources focused on operational resilience, cybersecurity practices, organizational management of external dependencies, and other key elements of a robust and resilient cyber framework. CISA helps individuals and organizations communicate current cyber trends and attacks, manage cyber risks, strengthen defenses, and implement preventative measures. Every mitigated risk or prevented attack strengthens the cybersecurity of the nation.

Identity Theft and Personal Cyber Threats

Using cyber best practices on personal and family devices protects against common attacks like identity theft, phishing, and malware.

Organizations and Cyber Safety

Protecting organizations from cyber threats and risks is a key aspect of CISA’s mission.

Featured Content

Shields Up

Stay Shields Up! to prepare for, respond to, and mitigate the impact of cyber-attacks. CISA is here to support you and your cybersecurity needs with expert resources, tools, and services to protect you from cyber threats. 

Cybersecurity Best Practices Services

Explore the cybersecurity services CISA offers that are available to Federal Government; State, Local, Tribal and Territorial Government; Industry; Educational Institutions; and General Public stakeholders.

Holiday Online Shopping

The holiday shopping season is a prime opportunity for bad actors to take advantage of unsuspecting shoppers. CISA is here to provide a few easy steps to prevent you from becoming a victim of cyber-crime.

Related News

Discover the latest CISA news on Cybersecurity Best Practices.

View more news

4 Things You Can Do To Keep Yourself Cyber Safe

DEC 18, 2022 | BLOG
Your identity, financial data, and email contents are valuable. Cyber criminals cast as wide a net as possible to get to anyone they can.

Defending Against Illicit Cryptocurrency Mining Activity

FEB 01, 2021 | BLOG
Malicious cyber actors use cryptocurrency-based malware campaigns to install cryptomining software that hijacks the processing power of victim devices and systems to earn cryptocurrency.

Keeping Children Safe Online

JAN 23, 2023 | BLOG
Children present unique security risks when they use a computer. Not only do you have to keep them safe; you have to protect the data on your computer. By taking some simple steps, you can dramatically reduce the threats.
View more news

Cybersecurity Training

Learn the cybersecurity best practices you need to help secure our cyber space.

View more Training

Cyber Storm Cyber Exercise Series

EXERCISE | OTHER
Cyber Storm is CISA’s biennial national cyber exercise series. The nation's most expansive cybersecurity exercise, Cyber Storm is an opportunity for the private sector to come together with all levels of government to address cyber response as a whole community.

Federal Cyber Defense Skilling Academy

Looking to make a career change or learn a new cybersecurity skill? The Federal Defense Skilling Academy provides you with the opportunity to step away from your current federal position and participate in a three-month-long program that teaches you the skills of a Cyber Defense.

Cyber Range Training Events

SEMINAR/WORKSHOP | VIRTUAL/ONLINE
Cyber Range Training courses provide guided step-action labs for cyber practitioners to practice investigating, remediating, and incident response skills.
View more Training

Cybersecurity Resources

Use CISA's resources to gain important cybersecurity best practices knowledge and skills.

View more resources

If You See Something, Say Something

Everyone has the power to stop a threat and help secure the nation. Read about how, by just reporting suspicious activity or strange behavior, you play an essential role in keeping our communities safe and secure.

Women Leaders in Cybersecurity Webinar

Featuring the Founder and Executive Director of Black Girls in Cyber, Talya Parker, this interactive roundtable discussion focuses on the important role women play in the cybersecurity community as well as the latest  developments in the field. 

Cyber Career Pathways Tool

Identify, build, and navigate a cyber career pathway using this free interactive tool built in collaboration with NICCS. There is a pathway for all education levels, experience, and interests. Find yours today.

The Daily Scoop Podcast

CISA Executive Assistant Director, Dr. David Mussington, discusses the intersection of physical security and cybersecurity across the federal government.

Cyber Resource Hub

CISA offers a range of cybersecurity assessments that evaluate operational resilience, cybersecurity practices, organizational management of external dependencies, and other key elements of a robust and resilient cyber framework.

View more resources

Contact Us

Need CISA's help but don't know where to start?

Organizations can also report anomalous cyber activity and/or cyber incidents 24/7 to report@cisa.gov or (888) 282-0870.

Return to top
  • Topics
  • Spotlight
  • Resources & Tools
  • News & Events
  • Careers
  • About
Cybersecurity & Infrastructure Security Agency
  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
  • RSS
CISA Central 888-282-0870 Central@cisa.dhs.gov
DHS Seal
CISA.gov
An official website of the U.S. Department of Homeland Security
  • About CISA
  • Accessibility
  • Budget and Performance
  • DHS.gov
  • FOIA Requests
  • No FEAR Act
  • Office of Inspector General
  • Privacy Policy
  • The White House
  • USA.gov
  • Website Feedback