Loading AI tools
Agency of the United States Department of Homeland Security From Wikipedia, the free encyclopedia
The Cybersecurity and Infrastructure Security Agency (CISA) is a component of the United States Department of Homeland Security (DHS) responsible for cybersecurity and infrastructure protection across all levels of government, coordinating cybersecurity programs with U.S. states, and improving the government's cybersecurity protections against private and nation-state hackers.[4]
CISA's future headquarters on the Elizabeth's Campus in Washington, D.C. | |
Agency overview | |
---|---|
Formed | November 26, 2018 |
Preceding agency |
|
Jurisdiction | United States Federal Government |
Headquarters | Washington, DC, United States |
Motto | "America's Cyber Defense Agency" |
Employees | 3,161 (2023)[1] |
Annual budget | $2.9 billion (2023) |
Agency executives |
|
Parent department | Department of Homeland Security |
Website | cisa |
The agency began in 2007 as the DHS National Protection and Programs Directorate.[4][5] With the Cybersecurity and Infrastructure Security Agency Act of 2018, CISA's footprint grew to include roles in securing elections and the census, managing National Special Security Events, and the U.S. response to the COVID-19 pandemic.[6] It has also been involved in 5G network security and hardening the US grid against electromagnetic pulses (EMPs).[6] The Office for Bombing Prevention leads the national counter-IED effort.[7]
Currently headquartered in Arlington, Virginia, in 2025 CISA is planning to move its headquarters along with 6,500 employees to a new 10 story, 620,000 sq ft building on the consolidated DHS St. Elizabeths campus headquarters.[8]
The National Protection and Programs Directorate (NPPD) was formed in 2007 as a component of the United States Department of Homeland Security.[9] NPPD's goal was to advance the Department's national security mission by reducing and eliminating threats to U.S. critical physical and cyber infrastructure.
On November 16, 2018, President Trump signed into law the Cybersecurity and Infrastructure Security Agency Act of 2018, which elevated the mission of the former NPPD within DHS, establishing the Cybersecurity and Infrastructure Security Agency (CISA).[10] CISA is a successor agency to NPPD, and assists both other government agencies and private sector organizations in addressing cybersecurity issues.[11] Former NPPD Under-Secretary Christopher Krebs was CISA's first Director, and former Deputy Under-Secretary Matthew Travis was its first deputy director.[12][13]
On January 22, 2019, CISA issued its first Emergency Directive (19-01: Mitigate DNS Infrastructure Tampering)[14] warning that "an active attacker is targeting government organizations" using DNS spoofing techniques to perform man-in-the-middle attacks.[15] Research group FireEye stated that "initial research suggests the actor or actors responsible have a nexus to Iran."[16]
In 2020, CISA created a website, titled Rumor Control, to rebut disinformation associated with the 2020 United States presidential election.[17] On November 12, 2020, CISA issued a press release asserting, "There is no evidence that any voting system deleted or lost votes, changed votes, or was in any way compromised."[18] On the same day, Director Krebs indicated that he expected to be dismissed from his post by the Trump administration.[19] Krebs was subsequently fired by President Trump on November 17, 2020[20] via tweet for his comments regarding the security of the election.[21]
On July 12, 2021, the Senate confirmed Jen Easterly by a voice vote.[22] Easterly's nomination had been reported favorably out of Senate Committee on Homeland Security and Governmental Affairs on June 16, but a floor vote had been reportedly held (delayed) by Senator Rick Scott over broader national security concerns, until the President or Vice President had visited the southern border with Mexico.[23] Easterly hired new staff to monitor online disinformation to enhance what she called the nation's "cognitive infrastructure" and utilized the existing rumor control website during the 2021 elections.[24]
In September 2022, CISA released their 2023–2025 CISA Strategic Plan, the first comprehensive strategy document since the agency was established in 2018.[25]
CISA divisions include the:[26]
The Continuous Diagnostics and Mitigations program provides cybersecurity tools and services to federal agencies.[28][29]
CISA issues "binding operational directives" that require federal government agencies to take action against specific cybersecurity risks.[30]
In March 2021, CISA assumed control of the .gov top-level domain (TLD) from the General Services Administration. CISA manages the approval of domains and operates the TLD Domain Name System nameservers. In April 2021, CISA removed the fee for registering domains.[31] In January 2023, Cloudflare received a $7.2M contract to provide DNS registry and hosting services for the TLD.[32]
CISA provides incident response services to the federal executive branch and US-based entities.
CISA manages the EINSTEIN intrusion detection system to detect malicious activity on federal government agency networks.
The National Defense Authorization Act for Fiscal Year 2021 granted CISA the authority to issue administrative subpoenas in order to identify the owners of internet connected critical infrastructure related devices with specific vulnerabilities. In 2021, CISA issued 47 subpoenas.[33]
In August 2021, Easterly stated "One could argue we’re in the business of critical infrastructure, and the most critical infrastructure is our cognitive infrastructure, so building that resilience to misinformation and disinformation, I think, is incredibly important."[34]
In 2021, CISA released a report that provided guidance for how to navigate and prevent ransomware incidents. This was due to a significant jump in recent attacks related to ransomware.[35]
In 2021, the Agency created the Cybersecurity Advisory Committee with the following members:[36]
No. | Director | Term | |||
---|---|---|---|---|---|
Portrait | Name | Took office | Left office | Term length | |
1 | Chris C. Krebs | 16 November 2018 | 17 November 2020 | 2 years, 1 day | |
2 | Jen M. Easterly | 13 July 2021 | Incumbent | 3 years, 131 days |
Seamless Wikipedia browsing. On steroids.
Every time you click a link to Wikipedia, Wiktionary or Wikiquote in your browser's search results, it will show the modern Wikiwand interface.
Wikiwand extension is a five stars, simple, with minimum permission required to keep your browsing private, safe and transparent.