“CISA”, this acronym which means “Cybersecurity and Infrastructure Security Agency” which in Italian can be translated as “Agency for information security and infrastructures”, you have certainly seen it several times on this site: now it's time to understand what it is and how it works.
In today's increasingly interconnected and digitalized world, cybersecurity has become a top priority for governments, businesses and individuals; in response to this growing need for cyber security, in 2018, the United States established the Cybersecurity and Infrastructure Security Agency (CISA), a federal agency responsible for the protection and resilience of critical infrastructure and cybersecurity.
Note that compared to other U.S. agencies CISA was born only in 2018, making it much newer than other US agencies.
History and Origins
The Cybersecurity and Infrastructure Security Agency (CISA) was established in the United States of America on November 16, 2018, with the enactment of the Cybersecurity and Infrastructure Security Agency Act of 2018; this agency was created in response to the ever-increasing threat of cyber attacks and the need to protect critical US infrastructure; before its creation, CISA was known as National Protection and Programs Directorate (NPPD), an agency within the Department of Homeland Security (DHS).
Origin of the Name
The name “Cybersecurity and Infrastructure Security Agency (CISA)” was chosen as a reflection of the agency's mission and responsibilities. “Cybersecurity” reflects the importance of cybersecurity in today's digital world, while “Infrastructure Security” emphasizes the protection of critical infrastructure, such as energy, telecommunications and financial services.
Donald Trump's involvement in the founding of CISA
It is important to note that the former president of the United States, Donald Trump, played a significant role in the founding of CISA; His involvement was the result of an executive order signed in May 2017, which was intended to strengthen the country's cyber security.
Later, in 2018, President Trump has signed the Cybersecurity and Infrastructure Security Agency Act, officially establishing CISA; this agency, created under the auspices of the Department of Homeland Security (DHS), was designed to coordinate and provide a more effective response to cyber threats and to protect critical US infrastructure from cyber attacks.
CISA Responsibilities
CISA is responsible for protecting and hardening critical US infrastructure from cyber attacks and physical threats; his main responsibilities include:
Cyber Security Management
CISA works with public and private entities to manage and mitigate cybersecurity risks. This involves the provision of information, tools and resources to protect digital assets from cyber attacks.
Protection of Critical Infrastructures
The agency protects the United States' critical infrastructure, which includes sectors such as energy, telecommunications, transportation, water, healthcare, finance and more; CISA works to ensure that these infrastructures are resilient and protected from both internal and external threats.
National Emergency Management
CISA coordinates the nation's response to computer emergencies and cybersecurity threats. This involves collaborating with other federal agencies, developing response plans and coordinating mitigation efforts.
Promotion of Awareness and Training
The agency promotes cybersecurity awareness and provides training and resources to help the public, businesses and government agencies protect themselves from cyber attacks.
CISA Responsibilities
CISA is responsible for protecting and hardening critical US infrastructure from cyberattacks and physical threats. His main responsibilities include:
Cyber Security Management
CISA works with public and private entities to manage and mitigate cybersecurity risks. This involves providing information, tools and resources to protect digital assets from cyber attacks.
Protection of Critical Infrastructures
The agency protects the United States' critical infrastructure, which includes sectors such as energy, telecommunications, transportation, water, healthcare, finance and more. CISA works to ensure that these infrastructures are resilient and protected from both internal and external threats.
National Emergency Management
CISA coordinates the national response to computer emergencies and cybersecurity threats; this involves collaborating with other federal agencies, developing response plans, and coordinating cyber threat mitigation efforts.
Collaboration with other US agencies
CISA works closely with other U.S. agencies involved in national security, including:
- FBI (Federal Bureau of Investigation): Collaborates with CISA in investigating and responding to cyber attacks and cyber threatsensuring a coordinated and effective response.
- NSA (National Security Agency): Works collaboratively with CISA to analyze cyber threats and develop countermeasures to protect critical U.S. infrastructure.
- Department of Defense: Collaboration with the Department of Defense ensures that critical infrastructures are also protected from physical threats and sophisticated cyber attacks.
- Treasury Department, Department of Health and Human Services, Department of Transport and other: These agencies work with CISA to protect their critical infrastructure and ensure cyber security.
Promotion of Awareness and Training
The agency promotes cybersecurity awareness and provides training and resources to help the public, businesses and government agencies protect themselves from cyber attacks.
The Catalog of Known and Exploited Vulnerabilities (KEV)
The Known Exploited Vulnerabilities Catalog (KEV) is a crucial tool maintained by CISA. This is a list of known vulnerabilities that have been exploited or may be exploited by malicious actors; the KEV provides detailed information on vulnerabilities and available countermeasures, allowing organizations to mitigate the risks associated with these threats; this catalog also helps organizations identify and resolve the most critical vulnerabilities, thus reducing the risk of being affected by cyber attacks.
What is the KEV for?
The KEV utilities are the following:
- Identify Critical Vulnerabilities: KEV helps identify the most critical vulnerabilities that can be exploited by attackers.
- Prioritize Security Actions: Helps organizations prioritize security actions, focusing on the most urgent and relevant vulnerabilities.
- Fix Vulnerabilities: Provides guidance and solutions to address vulnerabilities, helping organizations protect themselves from cyber attacks.
- Improving Resilience: By using KEV, organizations can improve their resilience to cyber threats while minimizing the risk of compromise.
This catalogue can be consulted in this link.
Similar agencies outside the United States
While the United States leads the way in creating government agencies specifically dedicated to cybersecurity and critical infrastructure protection, there are several nations that have established similar organizations to address cyber threats; some examples of similar agencies internationally include:
National Cyber Security Center (NCSC) – United Kingdom
The National Cyber Security Center (NCSC) is a British Government agency, responsible for cyber security; The NCSC provides cyber security advice and responds to cyber incidents in the UK, working with the public, private and academic sectors to ensure an effective defense against cyber threats.
Australian Cyber Security Center (ACSC) – Australia
L'Australian Cyber Security Centre (ACSC) is Australia's lead authority for cyber security, managed by the Australian Signals Directorate (ASD); the ACSC provides advice, support and cyber incident response to protect Australia's national interests from cyber threats.
Agence Nationale de la Sécurité des Systèmes d'Information (ANSSI) – France
L'Agence Nationale de la Sécurité des Systèmes d'Information (ANSSI) is the French agency for information security; the ANSSI is responsible for the defense of the state's computer networks, the protection of sensitive information and the response to incidents of computer facilities.
Canadian Center for Cyber Security (CCCS) – Canada
The Canadian Center for Cyber Security (CCCS) is the Canadian cybersecurity agency, which provides advice and support to protect Canada's critical infrastructure and information systems; CCCS works with the public and private sectors to prevent, mitigate and respond to cyber threats.
Conclusion
The Cybersecurity and Infrastructure Security Agency (CISA) plays a critical role in protecting critical infrastructure and promoting cybersecurity in the United States.
Through initiatives such as the Catalog of Known and Exploited Vulnerabilities (KEVC), the agency provides organizations with the resources and information needed to mitigate the risks associated with cyber threats; However, given the rapidly evolving cybersecurity landscape, it is essential that CISA continues to adapt and innovate to meet emerging challenges and effectively protect critical US infrastructure.
#CISA #cybersecurity #agency
