Cyber Threats and Advisories | Cybersecurity and Infrastructure . . . - CISA Any cyber-attack, no matter how small, is a threat to our national security and must be identified, managed, and shut down CISA’s Role CISA diligently tracks and shares information about the latest cybersecurity risks, attacks, and vulnerabilities, providing our nation with the tools and resources needed to defend against these threats
Risk and Vulnerability Assessments - CISA Reports by fiscal year (starting with FY20) that provide an analysis of a sample attack path a cyber threat actor could take to compromise an organization with weaknesses that are representative of those CISA observed in the fiscal year's RVAs The analysis maps the attack path to the ATT CK framework
Cyber Assessments - CISA Annually, CISA publishes a report of findings from RVAs conducted each fiscal year (FY) It is an analysis of a sample attack path a cyber threat actor could take to compromise an organization with weaknesses that are representative of those observed by CISA On September 13, 2024, we published the FY23 RVAs Analysis and Infographic
Peoples Republic of China Cyber Threat - CISA According to our joint advisory on PRC state-sponsored activity, PRC state-sponsored cyber actors are seeking to pre-position themselves on information technology (IT) networks for disruptive or destructive cyberattacks against U S critical infrastructure in the event of a major crisis or conflict with the United States:
CISA Releases Analysis of FY23 Risk and Vulnerability Assessments The analysis details a sample attack path including tactics and steps a cyber threat actor could follow to compromise an organization with weaknesses representative of those CISA observed in FY23 RVAs
Free Cybersecurity Services Tools - CISA CISA's no-cost, in-house cybersecurity services designed to help individuals and organizations build and maintain a robust and resilient cyber framework An extensive selection of free cybersecurity services and tools provided by the private and public sector to help organizations further advance their security capabilities
Cybersecurity Incident Vulnerability Response Playbooks - CISA Cyber threat intelligence can include threat landscape reporting, threat actor profiles and intents, organizational targets and campaigns, as well as more specific threat indicators and courses of action Ingest cyber threat indicators and integrated threat feeds into a SIEM, and use other defensive capabilities to identify and block ® —
CISA Insights: Chinese Cyber Threat Overview for Leaders This joint analysis provides a summary of the Chinese state-sponsored cyber threat to the U S Federal Government; state, local, tribal, and territorial (SLTT) governments; CI organizations; and private industry and provides recommendations for organization leadership to reduce the risk of cyber espionage and data theft
Information Sharing | Cybersecurity and Infrastructure Security . . . - CISA Information sharing is essential to furthering cybersecurity for the nation Isolating cyber attacks and preventing them in the future requires the coordination of many groups and organizations By rapidly sharing critical information about attacks and vulnerabilities, the scope and magnitude of cyber events can be greatly decreased