The NEW #PSA has launched! “WE CAN SECURE OUR WORLD” teaches 4 easy ways to stay safe online. Check it out and share with your team.
Cybersecurity and Infrastructure Security Agency
Government Administration
Washington, District of Columbia 497,651 followers
Defend Today, Secure Tomorrow
About us
We lead the National effort to understand, manage, and reduce risk to our cyber and physical infrastructure. Our multi-faceted mission is home to more than 15 career fields including business administration, cybersecurity, program management, communications, data science. We play a vital role in protecting the homeland. Please visit our official website (cisa.gov) to learn how you can contribute to our mission. Review our full Comment Policy: cisa.gov/comment-policy Review DHS LinkedIn Privacy Policy: dhs.gov/linkedin-privacy-policy-and-notice
- Website
-
http://www.cisa.gov
External link for Cybersecurity and Infrastructure Security Agency
- Industry
- Government Administration
- Company size
- 1,001-5,000 employees
- Headquarters
- Washington, District of Columbia
- Type
- Government Agency
- Founded
- 2018
Locations
-
Washington, District of Columbia 20528, US
Employees at Cybersecurity and Infrastructure Security Agency
-
Andrew Scott
International Affairs | Strategy | Operations | Crisis Response
-
Conrad Jalali
-
Jamil Jaffer
Paladin Capital - Venture Partner | RangeForce - Board Dir | Tozny - Board Dir | DHS Cyber Safety Review Board - Member | U.S. Strategic Metals - Adv…
-
Dr. Richard Lord
DIT Info Assur and Cybersecurity | PMP | CISSP | AI | Cloud
Updates
-
“After retiring from the military, I was ready for a new chapter, but wanted to continue my service to the Nation. With CISA, I found a premier organization that gives me the opportunity to continue to serve, albeit in a different capacity. “What I like most about CISA is having a supervisor who supports work/life balance and encourages professional development. I also enjoy working with team members whose knowledge and expertise motivates me to learn more, as well as the daily challenges to build our organization with talented personnel.” Rich Brumfield, Administrative Specialist
-
-
With the Federal Bureau of Investigation (FBI), we published a Secure by Design Alert, Eliminating OS Command Injection Vulnerabilities to Compromise Systems, urging software manufacturers to design and develop software that ensures proper validation or sanitization of user input. In recent incidents, unauthenticated threat actors compromised users and remotely executed code by exploiting command injection defects in network edge devices (CVE-2024-20399, CVE-2024-3400, CVE-2024-21887). Technology manufacturer leaders should develop products that are secure by design which can reasonably protect against malicious cyber actors exploiting the most common and dangerous classes of product defects. Software manufacturers and customers are encouraged to read the alert and implement recommended actions. https://go.dhs.gov/3ex
-
-
Security risks from memory unsafe languages are the most dangerous class of vulnerabilities in software today, according to a report on Memory Safety in Critical Open Source Projects – Learn how more than half of critical open source projects contain code written in a memory-unsafe language: https://lnkd.in/gSe7Gkf6
-
Don’t miss out on the next Implementing the National Emergency Communications Plan (NECP) Webinar on Wednesday, July 24th at 1 PM ET. 🔍 Join us to explore how leveraging insights from large national surveys like the SAFECOM Nationwide Survey #SNS help #PublicSafety and #EmergencyCommunications entities better understand the changing dynamics of emergency communications and align their strategies with broader national goals. Don't miss out on this informative event. For more information, visit: cisa.gov/necp-webinars 🌐🔒
-
-
We are nearing our all-time record for registrations for one of our #chemicalsecuirity events. Register now to help push us over the top and join us tomorrow at 10 am ET (7 am PT) as we kick off the 2024 Chemical Security Seminars: https://lnkd.in/gJXSTnB9.
-
-
Kevin can’t relax with his family until he makes sure things are secure at the office. His first item of business is requiring his staff to use strong passwords on all their apps—and a password manager to remember them by. Fortunately, everything he needs to know is on our website at https://lnkd.in/g-nq6NB3
-
-
Now is the time to make sure that AI is built #SecureByDesign. Thanks EDGE24 for hosting us today! Learn more about our AI work at cisa.gov/ai
Exciting panel discussion on security and operationalized AI featuring Sunil Madhugiri, CTO, Office of the Assistant Commisioner, U.S. Customs and Border Protection and Brandon Wales, Executive Director Cybersecurity and Infrastructure Security Agency in. The session was expertly moderated by Jay Meil , Chief Data Scientist and Director of Strategy, Artificial Intelligence at SAIC #AI #Security #OperationalAI #TechLeadership #Innovation #DataScience #CyberSecurity #AIinGovernment
-
-
With Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and other U.S. and international partners, we published a joint advisory that outlines activity and tradecraft of a state-sponsored cyber group associated with the PRC Ministry of State Security. It is based on current, shared understanding of advanced persistent threat group, APT 40, and recent ASD’s ACSC incident response investigations. https://go.dhs.gov/3mu APT 40 demonstrates agility in quickly using public exploit proofs of concept (POCs) to target networks of interest, conducts regular reconnaissance against networks of interest, and exploits rapidly new public vulnerabilities in widely used software. To help cybersecurity practitioners identify, prevent and remediate APT 40 intrusions against their own networks, the advisory provides a couple significant case studies of this adversary’s malicious activity against victim network. Recommended mitigations to reduce risk to being compromised by similar activity include comprehensive and historical logging information, prioritize patching for all internet exposed devices and services, and segment networks to limit or block lateral movement. https://go.dhs.gov/3mu
-
-
Tune into our next CISA Live! to hear CISA Deputy Director Natarajan, HHS Deputy Director of ASPR’s Office of Preparedness Brian Mazanec, and HHS Director of ASPR’s Critical Infrastructure Protection Office Commander TJ Christl discuss current cyber threats to the healthcare and public health sector and tools and resources available to help prevent, mitigate, and recover from cyber incidents. They will also answer live audience questions Wednesday, July 17 at 11:30 AM EDT. Register here: https://lnkd.in/ga99TRD2
-