Skip to main content
U.S. flag

An official website of the United States government

Here’s how you know

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

HTTPS

Secure .gov websites use HTTPS
A lock (LockA locked padlock) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Free Cyber ServicesSecure by design Secure Our WorldShields UpReport A Cyber Issue

Cybersecurity & Infrastructure Security Agency logo America’s Cyber Security Defense Agency National Coordinator For Critical Infrastructure Security and ResilienceCybersecurity & Infrastructure Security Agency logo America’s Cyber Security Defense Agency National Coordinator For Critical Infrastructure Security and Resilience
CISA Logo

Search

 

America's Cyber Defense Agency
 
  • Topics
    Cybersecurity Best Practices
    Cyber Threats and Advisories
    Critical Infrastructure Security and Resilience
    Election Security
    Emergency Communications
    Industrial Control Systems
    Information and Communications Technology Supply Chain Security
    Partnerships and Collaboration
    Physical Security
    Risk Management
    How can we help?
    GovernmentEducational InstitutionsIndustryState, Local, Tribal, and TerritorialIndividuals and FamiliesSmall and Medium BusinessesFind Help LocallyFaith-Based CommunityExecutivesHigh-Risk Communities
  • Spotlight
  • Resources & Tools
    All Resources & Tools
    Services
    Programs
    Resources
    Training
    Groups
  • News & Events
    News
    Events
    Cybersecurity Alerts & Advisories
    Directives
    Request a CISA Speaker
    Congressional Testimony
    CISA Conferences
    CISA Live!
  • Careers
    Benefits & Perks
    HireVue Applicant Reasonable Accommodations Process
    Hiring
    Resume & Application Tips
    Students & Recent Graduates
    Veteran and Military Spouses
  • About
    Divisions & Offices
    Regions
    Leadership
    Doing Business with CISA
    Site Links
    CISA GitHub
    CISA Central
    Contact Us
    Subscribe
    Transparency and Accountability
    Policies & Plans

Free Cyber ServicesSecure by design Secure Our WorldShields UpReport A Cyber Issue

Breadcrumb
  1. Home
  2. Topics
  3. Risk Management
  4. Connected Communities
Share:
image of a city with a graphic representation of network points

Connected Communities

Working to protect our networks of connected technology.

Risk Management

  • Connected Communities
  • Electromagnetic Pulse
  • National Critical Functions
  • Positioning, Navigation, and Timing
  • Secure Tomorrow Series
  • Space Systems

Connected Communities leverage networks of connected technologies to provide more efficient, innovative, and sustainable infrastructure across the nation.

Increasingly, localities across the United States and internationally are implementing “smart” connected technologies across critical infrastructure sectors, seeking cost-savings and enhanced quality-of-life for their citizens. The interconnectedness and interdependence of these smart technologies provides a community with many benefits while also introducing an expanded attack surface, increasing the potential for malicious activity and cybersecurity compromise.

CISA’s Role

The Connected Communities Initiative (CCI) represents a shift in CISA’s focus from exclusively supporting security of 5G networks, to a comprehensive examination of the technologies in which those networks enable. Integrating a greater number of infrastructure systems into a single network environment increases opportunities for threat actors to successfully exploit a vulnerability for initial access, move laterally across networks and cause cascading, cross-sector disruptions of infrastructure operations. The possible impacts due to these risks have prompted CISA, through the National Risk Management Center (NRMC), to establish this initiative to develop, organize, and coordinate risk mitigation strategies relating to smart and connected technologies.

Risks to Connected Communities

Connected Communities represent an opportunity, especially for state and local governments, to improve the lives of their constituents through technological innovation and data-driven decision making. However, the increased reliance of critical infrastructure operations on converged information technology (IT) and operational technology (OT) systems to operate, could potentially lead to disruptions of service or critical processes, resulting in significant cascading impacts throughout U.S. critical infrastructure.

The compromise of smart and connected technologies could introduce new risks to infrastructure operations of State, Local, Tribal, and Territorial (SLTT) stakeholders which, if exploited, could impact critical infrastructure operations and the security of sensitive government and personal data. CISA is committed to working with government, industry, and international partners to develop, organize, and coordinate risk mitigation strategies relating to smart and connected technologies.

Product Survey Feedback

Secure Tomorrow Series Toolkit Icon

Let's Get Started

We welcome your feedback! Please share your thoughts about CCI products through this voluntary, anonymous Product Feedback Survey. 

Product Feedback Survey

Lines of Effort

The NRMC has identified an initial set of four Lines of Effort (LOE) targeted to address the risks that smart connected technologies pose to National Critical Functions (NCFs) and critical infrastructure. The following LOEs will be planned and executed in close collaboration with key partners:

Blue computer coding on screen

Risk Analysis

Assess the risks, both cyber and physical, that smart technologies pose to Connected Communities stakeholders.

Handshake with blue overlay

Stakeholder Engagement

Establish an inward and outward flow of trusted information to understand obstacles and success, and disseminate lessons learned and best practices relating to the development, deployment, and employment of smart and connected technologies.

Shadows of people talking with blue overlay

Product Development

Create products and resources that promote the secure and resilient deployment of smart technologies by Connected Communities stakeholders.

United States Capitol Building with blue overlay

Support Policy and Standards Development

Act as a trusted voice, offering sound risk management principles and perspectives, within the Federal and SLTT policy and standards community to inform the development of policy and standards.

Connected Community Resources

Connected Communities Top Cybersecurity Best Practices

The Cybersecurity Best Practices features a list of the top cybersecurity best practices that all municipalities should consider implementing to enhance their security and resilience postures. 

Connected Communities Initiative IoT Device Risk and Mitigation Infographic

This infographic serves as a tool for state, local, tribal, and territorial decision-makers to better understand how common IoT devices are used in a connected communities’ context, visualize corresponding risks, and identify appropriate mitigation.

Connected Communities Procurement and Implementation Guidance

These Connected Communities Procurement and Implementation Guidance infographics assist state, local, tribal, and territorial (SLTT) government officials in mitigating risks in their supply chains when procuring smart and connected technologies. 

Cybersecurity Best Practices for Smart Cities

Joint U.S. & international guide to help communities considering smart city technologies understand cybersecurity risks that comes with this integration and best practices to strengthen their cyber posture.

Connected Communities Risk Postcard Series

These Connected Communities Risk Postcards each provide a snapshot overview of risks to connected communities and risk mitigation recommendations to consider when implementing smart and connected technology into an integrated environment. 

Connected Communities Guidance: Zero Trust to Protect Interconnected Systems

This publication serves as user-friendly guidance for connected communities to better understand the risks associated with interconnected systems and how zero trust principles can be an effective mitigation approach to better protect their networks.

Related Resources

View more resources

Internet of Things (IoT) Acquisition Guidance Document

PUBLICATION
Identifies considerations for the purchase of IoT devices, systems, and services.
Download File (PDF, 3.03 MB)

How to Write a Connected Community Strategy

PUBLICATION
This foundational guide is the first in a series of guides that the Department of Homeland Security (DHS) hopes will help communities achieve their connected community goals.
How to Write a Connected Community Strategy
View more resources

Contact Us

For questions or comments, email nrmc.intake@cisa.dhs.gov.

Return to top
  • Topics
  • Spotlight
  • Resources & Tools
  • News & Events
  • Careers
  • About
Cybersecurity & Infrastructure Security Agency
  • Facebook
  • X
  • LinkedIn
  • YouTube
  • Instagram
  • RSS
CISA Central 1-844-Say-CISA SayCISA@cisa.dhs.gov
DHS Seal
CISA.gov
An official website of the U.S. Department of Homeland Security
  • About CISA
  • Budget and Performance
  • DHS.gov
  • FOIA Requests
  • No FEAR Act
  • Office of Inspector General
  • Privacy Policy
  • Subscribe
  • The White House
  • USA.gov
  • Website Feedback