CISA Insights: Foreign Influence Operations Targeting Critical Infrastructure

02/18/2022 05:23 PM EST

Original release date: February 18, 2022

CISA has released CISA Insights: Preparing for and Mitigating Foreign Influence Operations Targeting Critical Infrastructure, which provides proactive steps organizations can take to assess and mitigate risks from information manipulation. Malicious actors may use tactics—such as misinformation, disinformation, and malinformation—to shape public opinion, undermine trust, and amplify division, which can lead to impacts to critical functions and services across multiple sectors.
 
Current social factors—including heightened polarization and the ongoing global pandemic—increase the risk and potency of influence operations to U.S. critical infrastructure. CISA encourages leaders at all organizations to review the CISA Insights and follow the guidance to assess risk and increase resilience.

This product is provided subject to this Notification and this Privacy & Use policy.

CISA Urges Organizations to Implement Immediate Cybersecurity Measures to Protect Against Potential Threats

01/18/2022 08:51 AM EST

Original release date: January 18, 2022

In response to recent malicious cyber incidents in Ukraine—including the defacement of government websites and the presence of potentially destructive malware on Ukrainian systems—CISA has published CISA Insights: Implement Cybersecurity Measures Now to Protect Against Potential Critical Threats. The CISA Insights strongly urges leaders and network defenders to be on alert for malicious cyber activity and provides a checklist of concrete actions that every organization—regardless of sector or size—can take immediately to: 

  • Reduce the likelihood of a damaging cyber intrusion, 
  • Detect a potential intrusion, 
  • Ensure the organization is prepared to respond if an intrusion occurs, and 
  • Maximize the organization’s resilience to a destructive cyber incident.

CISA urges senior leaders and network defenders to review the CISA Insights and implement the cybersecurity measures on the checklist.

This product is provided subject to this Notification and this Privacy & Use policy.

Immediate Steps to Strengthen Critical Infrastructure against Potential Cyberattacks

12/15/2021 08:10 AM EST

Original release date: December 15, 2021

In light of persistent and ongoing cyber threats, CISA urges critical infrastructure owners and operators to take immediate steps to strengthen their computer network defenses against potential cyberattacks. CISA has released CISA Insights: Preparing For and Mitigating Potential Cyber Threats to provide critical infrastructure leaders with steps to proactively strengthen their organization’s operational resiliency against sophisticated threat actors, including nation-states and their proxies.

CISA encourages leadership at all organizations—and critical infrastructure owners and operators in particular—to review the CISA Insights and adopt a heighted state of awareness.

This product is provided subject to this Notification and this Privacy & Use policy.

CISA Insights on Risk Considerations for Managed Service Provider Customers

09/03/2021 11:37 AM EDT

Original release date: September 3, 2021

CISA has released a new CISA Insights, Risk Considerations for Managed Service Provider Customers (MSPs), which provides Managed Service Provider (MSP) customers a framework for reducing risk.

This framework is designed for government and private sector organizations of all sizes, and it suggests considerations for IT management planning, best practices, and tools for reducing overall risk. This resource divides guidance across these areas: (1) senior executives and boards of directors (strategic decision-making); (2) procurement professionals (operational decision-making); and (3) network administrators, systems administrators, and front-line cybersecurity staff (tactical decision-making).

Read CISA’s latest blog, visit: CISA.gov/blog/2021/09/02/going-beyond-assessing-security-practices-it- service-providers.

To view this CISA Insights, please visit: CISA.gov/publication/risk-considerations-msp-customers. For additional supply chain risk management information or resources, visit CISA.gov/ict-supply-chain-library.

This product is provided subject to this Notification and this Privacy & Use policy.