The Cybersecurity and Infrastructure Security Agency (CISA) is an agency of the
United States Department of Homeland Security
The United States Department of Homeland Security (DHS) is the Federal government of the United States, U.S. United States federal executive departments, federal executive department responsible for public security, roughly comparable to the I ...
(DHS) that is responsible for strengthening
cybersecurity
Computer security, cybersecurity (cyber security), or information technology security (IT security) is the protection of computer systems and networks from attack by malicious actors that may result in unauthorized information disclosure, the ...
and infrastructure protection across all levels of government, coordinating cybersecurity programs with
U.S. states
In the United States, a state is a constituent political entity, of which there are 50. Bound together in a political union, each state holds governmental jurisdiction over a separate and defined geographic territory where it shares its sove ...
, and improving the government's cybersecurity protections against private and nation-state
hacker
A hacker is a person skilled in information technology who uses their technical knowledge to achieve a goal or overcome an obstacle, within a computerized system by non-standard means. Though the term ''hacker'' has become associated in popu ...
s.
Its activities are a continuation of the National Protection and Programs Directorate (NPPD), and was established on November 16, 2018, when President
Donald Trump
Donald John Trump (born June 14, 1946) is an American politician, media personality, and businessman who served as the 45th president of the United States from 2017 to 2021.
Trump graduated from the Wharton School of the University of Pe ...
signed into law the
Cybersecurity and Infrastructure Security Agency Act of 2018.
[ ]
History
The National Protection and Programs Directorate (NPPD) was formed in 2007 as a component of the
United States Department of Homeland Security
The United States Department of Homeland Security (DHS) is the Federal government of the United States, U.S. United States federal executive departments, federal executive department responsible for public security, roughly comparable to the I ...
. NPPD's goal was to advance the Department's
national security
National security, or national defence, is the security and defence of a sovereign state, including its citizens, economy, and institutions, which is regarded as a duty of government. Originally conceived as protection against military atta ...
mission by reducing and eliminating threats to U.S. critical physical and cyber infrastructure.
On November 16, 2018, President
Trump
Trump most commonly refers to:
* Donald Trump (born 1946), 45th president of the United States (2017–2021)
* Trump (card games), any playing card given an ad-hoc high rank
Trump may also refer to:
Businesses and organizations
* Donald J. T ...
signed into law the
Cybersecurity and Infrastructure Security Agency Act of 2018, which elevated the mission of the former NPPD within DHS, establishing the Cybersecurity and Infrastructure Security Agency (CISA). CISA is a successor agency to NPPD, and assists both other government agencies and private sector organizations in addressing cybersecurity issues. Former NPPD Under-Secretary
Christopher Krebs was CISA's first Director, and former Deputy Under-Secretary
Matthew Travis was its first deputy director.
On January 22, 2019, CISA issued its first Emergency Directive (19-01: Mitigate DNS Infrastructure Tampering)
warning that "an active attacker is targeting government organizations" using
DNS spoofing
DNS spoofing, also referred to as DNS cache poisoning, is a form of computer security hacking in which corrupt Domain Name System data is introduced into the DNS resolver's cache, causing the name server to return an incorrect result record, e.g ...
techniques to perform
man-in-the-middle attacks.
Research group FireEye stated that "initial research suggests the actor or actors responsible have a nexus to Iran."
In 2020, CISA created a website, titled ''Rumor Control'', to rebut
disinformation
Disinformation is false information deliberately spread to deceive people. It is sometimes confused with misinformation, which is false information but is not deliberate.
The English word ''disinformation'' comes from the application of the L ...
associated with the
2020 United States presidential election
The 2020 United States presidential election was the 59th quadrennial presidential election, held on Tuesday, November 3, 2020. The Democratic ticket of former vice president Joe Biden and the junior U.S. senator from California Kamala Ha ...
. On November 12, 2020, CISA issued a press release asserting, "There is no evidence that any voting system deleted or lost votes, changed votes, or was in any way compromised." On the same day, Director Krebs indicated that he expected to be dismissed from his post by the Trump administration.
Krebs was subsequently fired by President Trump on November 17, 2020 via tweet for his comments regarding the security of the election.
On July 12, 2021, the
Senate
A senate is a deliberative assembly, often the upper house or chamber of a bicameral legislature. The name comes from the ancient Roman Senate (Latin: ''Senatus''), so-called as an assembly of the senior (Latin: ''senex'' meaning "the el ...
confirmed
Jen Easterly
Jen Easterly is an American intelligence and former military official who is serving as the director of the Cybersecurity and Infrastructure Security Agency in the Biden administration. She was confirmed by a voice vote in the Senate on July 12, ...
by a Voice Vote, directly after the Senate returned from its July 4th recess. Easterly’s nomination had been reported favorably out of
Senate Committee on Homeland Security and Governmental Affairs
The United States Senate Committee on Homeland Security and Governmental Affairs is the chief oversight committee of the United States Senate. It has jurisdiction over matters related to the Department of Homeland Security and other homeland s ...
on June 16, but a floor vote had been reportedly
held
Held may refer to:
Places
* Held Glacier
People Arts and media
* Adolph Held (1885–1969), U.S. newspaper editor, banker, labor activist
*Al Held (1928–2005), U.S. abstract expressionist painter.
*Alexander Held (born 1958), German television ...
by
Senator Rick Scott over broader national security concerns, until the President or Vice President had visited the southern border with Mexico. Upon confirmation, she became the agency's second director.
Performance
In September 2022, CISA released their 2023–2025 CISA Strategic Plan, the first comprehensive strategy since the agency was established in 2018. The Strategic Plan is set against a risk landscape that encompasses an increasingly interconnected, global cyberspace in which the nation faces 24/7/365 asymmetric cyber threats with largescale, real-world impacts.
Divisions
CISA divisions include the:
*
Cybersecurity Division
* Infrastructure Security Division
* Emergency Communications Division
* National Risk Management Center
* Integrated Operations Division
* Stakeholder Engagement Division
List of directors
See also
*
List of federal agencies in the United States
Legislative definitions of a federal Government agency, agency are varied, and even contradictory. The official ''United States Government Manual'' offers no definition. While the Administrative Procedure Act (United States), Administrative Proce ...
References
External links
*
{{authority control
2018 establishments in the United States
Business services companies established in 2018
Computer security organizations
Emergency services in the United States
Government agencies established in 2018
United States Department of Homeland Security agencies