As technology continues to grow and everyday citizens rely on it more and more, the likelihood of sensitive data like identities, health information, and intellectual property being stolen and compromised has grown. Whether it's someone's social media information or crucial information about a business, cyber attacks have grown and affected more individuals. More recently, cyber attacks are becoming likely due to the Russian invasian of Ukraine as a "response to the economic costs imposed on Russia by the U.S."
The Cybersecurity & Infrastructure Security Agency (CISA), an agency of the Department of Homeland Security, leads the "national effort" in regard to cyber and physical infrastructure. CISA's mission is to "lead the National effort to understand, manage, and reduce risk to our cyber & physical infrastructure." CISA has two key roles: operate federal cybersecurity & coordinate infrastructure security & resilience. The Agency's director is Jen Easterly, who was nominated by President Biden in April 2021.
Cybersecurity
One of CISA's priorities is cybersecurity, and they work to "protect critical services and American way of life." Cybersecurity is the protection of systems and networks that can be disrupted by various means. Due to a variety of risks from physical and cyber threats, cyberspace is vulnerable. Cyberspace contains a variety of personal and governmental information that can be compromised. Other factors that make it difficult to secure cyberspace include:
Actors can operate from anywhere in the world
Linkages between cyberspace & physical systems
Difficulty of reducing vulnerabilities & consequences in complex cyber networks
CISA offers information on Nation State Cyber Threats, and they focus on China, Russia, North Korea, and Iran. They even have a Shields Up initiative, which focuses on the cyber attacks that could hurt the United States due to the Russian invasion of Ukraine. They offer actions like reducing the likelihood of damaging cyber intrustion, steps to detect potentional instructions, and maximize the organization's resilience to a destructive cyber incident.
There's also a National Cyber Awareness System, which comes from a free subscription system. Once subscribed with an email or a phone number, the system allows individuals to choose which topics they are interested in. The choices include CISA Community Bulletin, Medical Advisories, Vulnerablity Bulletins, and much more. There are five products in the system which include:
Advice for common security issues for non-technical computer users
Infrastructure Security
Infrastructure is the "[set of] physical and cyber systems and assets that are so vital to the United States that their destruction would have a debilitating impact." Examples of infrastructure in everyone's life include firewalls, networks that smart devices connect to, and computing systems.
CISA works with a variety of entities to make infrastructure more "resilient to cyber and physical threats."
CISA has a set of core services and capabilities. They provide training and resources to businesses, communities, and government partners in regards to infrastructure security. They offer:
Assessments
Help with decisions regarding where to put resources to enhance security and improve recovery at events
Out of 16 infrastructure sectors, each one is complex and has the ability to debilitate sectors of the nation. The National Risk Management Center (NRMC) works to identify the greatest risks to the nation and coordinate risk reduction activities. The NRMC has 7 initiatives to manage risks including:
CISA works to have seamless communication during "state and emergency operations." Public safety is crucial, hence why CISA works to have the best forms of emergency response providers. Planning and preparedness is a crucial step to have operable emergency communications. There are two plans in place. The first is the National Emergency Communications Plan, which is a strategic plan that drives "measureable improvements in emergency communication across all levels of government. The second is the Statewide Communication Interoperability Plan, which consists of workshops that implement these locally-driven statewide plans. CISA values coordination and other resources to maintain proper and effective communication.
CISA User Tools
Two important tools that CISA offers include Stop Ransomware and Report Cyber Issues. Ransomware, "a form of malware designed to encrypt files on a device," has become common, especially in government entities and critical infrastructure organizations. CISA's Stop Ransomware site has guidance, FAQs, and resources for anyone impacted. In case of a cyber attack, CISA offers an email to be used by anyone wanting to report an attack. People can also call (888) 282-0870 to report.
Government Information Online is produced by the staff at the Oklahoma State University Libraries Government Documents Department, a regional depository for U.S. Government and Oklahoma state government documents. We are located on the 5th floor of the Edmon Low Library. Our department website can be reached at www.info.library.okstate.edu/government-documents. For more information or for research assistance, contact us at 405.744.6546. or email suzanne.reinman@okstate.edu.
Comments