What is the US Cybersecurity and Infrastructure Security Agency (CISA)?

History of CISA

What is the US Cybersecurity and Infrastructure Security Agency (CISA)?

The Cybersecurity and Infrastructure Security Agency (CISA) is a US-based national risk advisor built to combat digital threats and increase vulnerability resilience.

CISA is a Federal agency and is the leading regulatory body for providing the frameworks to protect against online security challenges. The institution collaborates with private security firms, state governments, researchers, and law enforcement in order to protect its national security from cyber threats.

History of CISA

CISA exists to strengthen the backbone of cybersecurity in the USA. With the introduction of the internet in 1983, tech has grown at an unimaginable pace in order to adapt and develop with the real world around it. As such, digital threats are fast moving, having become more versatile and have the potential to sting harder.

In particular, there was a huge ransomware attack in 2015, revealing the information of over 22 million Federal employees. This revealed the true potential impact of cybersecurity threats that previously may not have been taken as seriously. The agency was formed in 2018 in response to growing threats and aims to prevent future hacking attempts. 

Features of CISA

CISA has two primary cybersecurity performance goals: threat prevention and cybersecurity response.

Threat prevention

After the fallout of 2015, CISA works to forecast emerging technologies that may be used to infiltrate sensitive data sources. Moreover, the agency actively creates extraneous cyber defence capabilities in order to protect against threats and more generally-developed scientific functions.

The other way in which CISA works to prevent threats is by managing risk through regulation. Therefore, financial institutions are subject to specific operational conditions, with compliance extending to other public safety industries, such as law enforcement agencies.

Cybersecurity response

CISA was also created in order to generate responses to cybersecurity (malware) infiltration in both a strong and an urgent manner. The organisation offers cyber situational awareness training for the institutions that it aims to protect. 

Furthermore, CISA provides incident response services. The purpose of this feature is to minimise the effects of infiltration as well as sharing intelligence, especially since the information captured can be incredibly valuable. 

Who must comply?

Financial institutions are considered ‘critical infrastructure organizations’, and are essential to CISA’s duties. Information sharing is mandatory across the industry, with the Automated Indicator Sharing (AIS) program instantly alerting authorities in case of penetration against cybersecurity measures. Institutions are also, therefore, required to disclose cyberattacks to their customers and the public.

It is important to note that CISA guidance is not mandatory for non-federal entities, however, it is highly encouraged. In a business sense, being afforded the privilege of access to the top techniques against cybersecurity is hardly undesirable.



Related resources

Regulatory Risk Management: How will Executive Order 14028 change the cybersecurity landscape?

Regulatory Risk Management: How will Executive Order 14028 change the cybersecurity landscape?

What is Executive Order 14028 and who must comply with the US regulation? And will it affect the cyb...

What is the US’ Community Reinvestment Act?

What is the US’ Community Reinvestment Act?

Are you aware of the latest updates to the Community Reinvestment Act in the US? Learn more about fi...

What regulations are there for the payment services industry?

What regulations are there for the payment services industry?

Discover the regulations shaping payment services, from PSD2 to AMLD6. Stay compliant with CUBE's in...

What is the CISO (Chief Information Security Officer) responsible for?

What is the CISO (Chief Information Security Officer) responsible for?

CISO's face a number of challenges with regulations constantly changing. Learn more about some of th...

View More