The NEW #PSA has launched! “WE CAN SECURE OUR WORLD” teaches 4 easy ways to stay safe online. Check it out and share with your team.
Cybersecurity and Infrastructure Security Agency
Government Administration
Washington, District of Columbia 498,134 followers
Defend Today, Secure Tomorrow
About us
We lead the National effort to understand, manage, and reduce risk to our cyber and physical infrastructure. Our multi-faceted mission is home to more than 15 career fields including business administration, cybersecurity, program management, communications, data science. We play a vital role in protecting the homeland. Please visit our official website (cisa.gov) to learn how you can contribute to our mission. Review our full Comment Policy: cisa.gov/comment-policy Review DHS LinkedIn Privacy Policy: dhs.gov/linkedin-privacy-policy-and-notice
- Website
-
http://www.cisa.gov
External link for Cybersecurity and Infrastructure Security Agency
- Industry
- Government Administration
- Company size
- 1,001-5,000 employees
- Headquarters
- Washington, District of Columbia
- Type
- Government Agency
- Founded
- 2018
Locations
-
Washington, District of Columbia 20528, US
Employees at Cybersecurity and Infrastructure Security Agency
-
Andrew Scott
International Affairs | Strategy | Operations | Crisis Response
-
Conrad Jalali
-
Jamil Jaffer
Paladin Capital - Venture Partner | RangeForce - Board Dir | Tozny - Board Dir | DHS Cyber Safety Review Board - Member | U.S. Strategic Metals - Adv…
-
Dr. Richard Lord
DIT Info Assur and Cybersecurity | PMP | CISSP | AI | Cloud
Updates
-
Thanks to everyone who attended yesterday’s sessions for the 2024 Chemical Security Seminars. There’s still time to register for week 2 on 7/18. Topics will include “wicked problems,” drones, chemical incident response strategies and threat mitigation tactics: https://lnkd.in/gJXSTnB9
-
Join us on July 23rd, 2024 from 1 - 2 PM EST as we engage in a moderated panel discussion on Data Science, Machine Learning, Natural Language Processing, and Post-Quantum Cryptography. https://lnkd.in/gTnxRbyS
-
Join us for the final virtual public listening session on August 1, 1-2PM EST! Share your thoughts on the National Cyber Incident Response Plan & coordinating with the federal government on cyber incident response. Pre-register at https://go.dhs.gov/3s3
-
Cybersecurity and Infrastructure Security Agency reposted this
In a recent roundtable hosted by Congressman Mark E Green MD, Ivanti CEO Jeff Abbott discussed the evolving landscape of national security with cybersecurity leaders, including Cybersecurity and Infrastructure Security Agency Director Jen Easterly. Their conversation highlighted critical challenges and opportunities, such as expanding the cyber workforce, streamlining government regulations, and integrating security at the design stage of software development. Read all of the key takeaways and strategic insights from this important discussion: https://bit.ly/3VUmwfM #SecureByDesign
-
Join us on Wednesday, July 17 for a CISA Live! on LinkedIn to learn about how we work with our partner HHS to support the Healthcare and Public Health sector. Participants will learn about current cyber threats to the healthcare and public health sector and tools and resources available to help prevent, mitigate, and recover from cyber incidents. They will also have the opportunity to participate in a live Q&A! Learn more: https://lnkd.in/ga99TRD2
-
We released a Cybersecurity Advisory (CSA) detailing activity during our red team assessment against a federal civilian agency in early 2023 to assist executives, leaders and network defenders in any organizations with refining their cybersecurity, detection, response, and hunt capabilities to reduce risk to real-world exploitation and compromise by advanced persistent threat (APT) actors: https://go.dhs.gov/3nP This advisory includes tactics, techniques, and procedures (TTPs), associated network defense activity, recommended mitigations, and lessons learned such as: • Ensure sufficient controls to prevent and detect malicious activity, • Implement effective and efficient processes for the collection, retention and analysis of logs, • Identify and remove bureaucratic processes and decentralized teams that hinders the work of the organization’s network defenders, and • Avoid using a “known-bad” detection approach which that will hamper the detection of alternate TTPs. We encourage organizations to review the advisory and apply the recommended mitigations: https://go.dhs.gov/3nP
-
How are we balancing innovation and ethics with AI? Lisa Einstein discussed the importance of scaling AI responsibly at the 2nd annual Defense Technology Review Conference hosted by the Office of the Under Secretary of Defense for Research and Engineering. Learn more about how we are using AI: cisa.gov/ai
-
“After retiring from the military, I was ready for a new chapter, but wanted to continue my service to the Nation. With CISA, I found a premier organization that gives me the opportunity to continue to serve, albeit in a different capacity. “What I like most about CISA is having a supervisor who supports work/life balance and encourages professional development. I also enjoy working with team members whose knowledge and expertise motivates me to learn more, as well as the daily challenges to build our organization with talented personnel.” Rich Brumfield, Administrative Specialist
-
With the Federal Bureau of Investigation (FBI), we published a Secure by Design Alert, Eliminating OS Command Injection Vulnerabilities to Compromise Systems, urging software manufacturers to design and develop software that ensures proper validation or sanitization of user input. In recent incidents, unauthenticated threat actors compromised users and remotely executed code by exploiting command injection defects in network edge devices (CVE-2024-20399, CVE-2024-3400, CVE-2024-21887). Technology manufacturer leaders should develop products that are secure by design which can reasonably protect against malicious cyber actors exploiting the most common and dangerous classes of product defects. Software manufacturers and customers are encouraged to read the alert and implement recommended actions. https://go.dhs.gov/3ex