What is the cybersecurity and infrastructure security agency?

Cybersecurity and Infrastructure

The National Security and Programs Directorate (NPPD) was formed in 2007 as a component of the United States Department of Homeland Security. [10] The mission of the NPPD is to reduce and eliminate threats to America’s critical physical and cyber infrastructure. The department’s national security mission was to be furthered.

On November 16, 2018, President Trump signed the Cybersecurity and Infrastructure Security Agency Act of 2018, which expanded the mission of the former NPPD within DHS, establishing the Cybersecurity and Infrastructure Security Agency (CISA).[11] It is the successor agency of the Cybersecurity Intelligence Agency and assists both other government agencies and private sector organizations in addressing cybersecurity issues. Former NPPD Under Secretary Christopher Krebs was the first Director of CISA, and former Deputy Under Secretary Matthew Travis was its first Deputy Director.[13] [14]

A warning that “an active attacker is targeting government organizations” through DNS spoofing techniques was included in CISA’s first emergency directive (19-01: Mitigate DNS Infrastructure Tampering), which was released on January 22, 2019. Performs man-in-the-middle attacks. [16] Research group FireEye said that “initial research suggests that the actor or actors responsible have ties to Iran.”


In 2020, CISA created a website called Rumor Control to refute disinformation related to the 2020 United States presidential election. [18] CISA stated in a press release on November 12, 2020, that “there is no evidence that any voting system was compromised in any way, deleted or lost votes, or altered votes.” [19] The same day, Director Krebs indicated that he expected the Trump administration to fire Krebs, who was later fired by President Trump on November 17, 2020 [21] via tweet for his comments regarding election security.[22]

On July 12, 2021, the Senate confirmed Jane Easterly by voice vote. The Senate Committee on Homeland Security and Governmental Affairs reported Easterly’s nomination favorably on June 16, but Senator Rick Scott reportedly postponed the floor vote due to larger national security concerns until the President brought it up. Or the Vice President had not visited. Southern border with Mexico.[24] Easterly hired new staff to monitor online disinformation to enhance the country’s “cognitive infrastructure” and used an existing rumor control website during the 2021 elections.[25]

CISA definition

To safeguard the vital infrastructure of the country, a new federal agency called the Cybersecurity and Infrastructure Security Agency (CISA) was established.

It was created through the Cybersecurity and Infrastructure Security Agency Act of 2018, which was signed into law on November 16, 2018. That legislation “rebranded” the National Security and Programs Directorate (NPPD) of the Department of Homeland Security (DHS) as Cybersecurity, and the resources and responsibilities of the Infrastructure Security Agency and NPPD were transferred to the newly created agency. Before passage of the bill, NPPD managed nearly all cybersecurity-related matters for DHS.

CISA is responsible for protecting the nation’s critical infrastructure from physical and cyber threats. Its mission is to “build the national capacity to defend against cyber attacks” and “provide cybersecurity tools, incident response services, and assessment capabilities to protect the.gov network that support the essential operations of partner departments and agencies.” Working with the government”. ,

There are two main centers within CISA that are integral to the agency’s mission. First, the National Cyber Security and Communications Integration Center (NCCIC) provides 24×7 cyber-situational awareness, analysis, incident response, and cyber-defense capabilities to the federal government, state, local, tribal, and territorial governments, the private sector, and international partners. The second critical center, the National Risk Management Center (NRMC), is a planning, analysis, and collaboration center working to identify and address the most significant risks to the nation’s critical infrastructure.


Like the NPPD before it, CISA also oversees the Federal Protective Service (FPS), the Office of Cyber and Infrastructure Analysis (OCIA), the Office of Cybersecurity and Communications (OC&C), and the Office of Infrastructure Protection (OIP) within DHS. (However, the 2018 CISA Act requires DHS to review whether the FPS, which is responsible for the physical security of approximately 10,000 federal buildings and their occupants, should be transferred to another parent agency within DHS or to another federal agency.) (Also transferred the Office of Biometric Identity Management from NPPD to the DHS Management Directorate.)

With its creation and designation as a federal agency, CISA became an independent branch within DHS, equivalent to the Secret Service or the Federal Emergency Management Agency (FEMA). Christopher Krebs, former Under Secretary of the NPPD, is the first Director of CISA. Matthew Travis, former Deputy Under Secretary of the NPPD, is the first Deputy Director of the new agency. The President’s budget for FY 2020 proposes spending $3.17 billion for CISA, including $1.6 billion in budget authority for fees collected from federal agencies in support of the Federal Security Service.

cybersecurity and infrastructure


In September 2022, CISA released its 2023–2025 CISA Strategic Plan, the first comprehensive strategy document since the agency’s establishment in 2018.

“One could argue that we are in the business of critical infrastructure, and the most critical infrastructure is our cognitive infrastructure, so I think it is incredibly important to build resilience to misinformation and disinformation,” stated Easterly in August 2021.

Recently, in 2021, the Cybersecurity and Infrastructure Security Agency (CISA) released a report providing guidance on how to navigate and prevent ransomware incidents. This is due to the recent surge in ransomware-related attacks.[28]


Early days of CISA

The agency is currently in the process of formulating an action plan to tackle the wide range of responsibilities and establish the integrated approach to cybersecurity that it was established to develop. “I’m focusing on next year and really the next two years. “We gave ourselves two years to mature the organization and what we know CISA can be,” CISA’s Krebs told CSO in an interview.

The agency is currently engaged in listening sessions with private sector and government stakeholders as it formulates organizational and mission plans. Krebs broadly outlined five different lines of effort that have “mission opportunities” as well as “mission risks,” including dealing with supply chain threats to upcoming 5G networks, improving election security, strengthening government network security, protecting industrial control systems, and still monitoring. On physical security.

As well as developing its long-term strategic goals, CISA has already launched a number of initiatives. The agency, along with industry members of the Information and Communications Technology (ICT) Supply Chain Risk Management Task Force, launched efforts to identify and develop collaborative solutions to global supply chain risk to curb Chinese telecommunications. This is a timely topic given the pressure from the Trump administration. And tech giants are being prevented from gaining a foothold in telecommunications and other critical infrastructure because they fear Chinese tech suppliers incorporating surveillance technologies into their products at the behest of the Chinese government. CISA is also working on election security issues, having established a task force that brings together a broad set of resources, including temporary details from other parts of DHS, to immediately address this threat ahead of the 2020 elections. Is.

In late April 2019, CISA released the inaugural set of National Critical Functions, which identify functions so critical to the government and private sector, such as electricity delivery or internet service, that any disruption to them would have a debilitating impact on security, national economic security, or, to put. it another way, national public health or security. CISA has also emerged as a key player in implementing an executive order requiring the federal government to take significant steps to bolster and strengthen America’s cybersecurity workforce in the face of persistent workforce shortages in the cybersecurity field.

More recently, CISA’s Krebs used his agency’s newfound visibility to warn the country that Iran is increasing its malicious cyber activity and attempting to steal data and money by launching harmful “wiper attacks.” That might intentionally destroy the network, in addition to wanting to do much more.


Working together with critical infrastructure owners and operators:

Because of the private sector, CISA sees working with critical infrastructure owners and operators as central to its mission. The agency worked closely with industry partners in developing a list of critical actions because, as an agency spokesperson told CSO, “Neither the government nor the private sector has the knowledge, authority, or resources to do this. Public-private partnerships are the foundation of effective critical infrastructure protection and resilience strategies, and timely, reliable information sharing among stakeholders is essential to protecting the nation’s critical infrastructure.

Sharing information with industry is also important to other CISA programs, such as the Automated Indicator Sharing (AIS) program, which is an early warning system that allows a company or federal agency to share information in real time after an attempt has been made to compromise. Allows to do. The goal of AIS is to allow industry and government partners to protect themselves before intrusions occur.

CISA says that since March 2016 (a time frame that includes its previous incarnation as NPPD), it has shared more than six million unique cyber threat indicators with partners. A CISA spokesperson says the agency currently has more than 250 organizations connected to its AIS servers and more than 4,000 third-party AIS connections.

CISA also helps organizations better manage cybersecurity risks by helping them navigate the use of the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) along with other agency best practices. Finally, CISA encourages CISOs to connect with their respective Information Sharing and Analysis Centers (ISACs) to facilitate information exchange within their regions.

Leave a Reply