Enhance cybersecurity awareness and survivability for DoD, industry partners, and academia in the face of the ever-increasing threat of cyber attacks. Cybersecurity (CS) includes managing risks related to the use, processing, storage, and transmission of information and the systems and processes used for those purposes, including analog and physical form. CS includes information availability, identification and authentication, confidentiality, integrity, and non-repudiation as well as the economic considerations with respect to selection of CS techniques, CS processes, and industry trends.
Cybersecurity and Infrastructure Security Agency (CISA) Act of 2018
This topic contains 9 replies, has 1 voice, and was last updated by 
-
Topic
-
On November 16, 2018, President Trump signed into law the Cybersecurity and Infrastructure Security Agency Act of 2018. This landmark legislation elevates the mission of the former National Protection and Programs Directorate (NPPD) within DHS and establishes the Cybersecurity and Infrastructure Security Agency (CISA).
-
Replies
-
The CISA Act is a needed response to the growing and more complicated cyber environment and associated risks. Through the agency, the needed leadership is established and a national proactive approach can be taken. Important aspects are the government and private sector partnership with respect to critical infrastructure, especially since the private sector owns a substantial portion of the infrastructure. Further, the partnership makes sense since government and private sector are successfully engaged in areas of space exploration and fintech. In addition, the agency is providing a consolidated “all-hazards risk analysis”. Such a tool is key. What vulnerabilities may exist and where, is vital to determining the security measures needed. Finally, another important aspect is the agency’s #BeCyberSmart initiative. By having a national effort to raise awareness, educate the nation, and for all to take personal responsibilities for online security measures helps address one of the major vulnerabilities in the use of cyber services: lack of awareness and training and education.
-
I’m interested to see what regulations for companies will be put in place by this newly formed agency. Often overlooked in the budget, security and cybersecurity may become a required spend. Beyond job growth opportunities, enhanced consumer protection should be a benefit the USA sees from this.
-
Interesting Article.
Thank you
-
-
It is good to see that this agence was created with bi-partisan support. Time will tell if CISA can help fend off attacks by cyber criminals, organized crime and nation state cyber attacks.
With that being said I like the fact that this is taken as a proactive measure to counter foreign orchestrated cyber attacks by countries like Russia (US elections), China (Cyber IP theft), Banks hack with Stuxnet in 2012-2014 as retaliation against the US cyber attack on nuclear facilities) and North Korea (Sony hack, WannaCry etc). The government and private sector are equally impacted by the increasing complexity of attacks that surpass individual efforts through the support of nations trying to gain advantages through IP theft and impact modern democracies by shaking trust in these institutions through tampering in elections.
The effectiveness of CISA will depend on 3 aspects:
1. government agencies and private sector companies to work hand in hand to quickly identify and mitigate threats.
2. Adequate funding of the agency
3. Attrackting the right cybersecurity talent to keep up with the talent of bad actors and nation states-
Even though, every company has a responsibility to protect itself. I think this frontier requires a collaborative effort, data gathering and sharing. The government needs to take the lead. This will be an enormous task to co-ordinate. A Step in the right direction.
-
I agree & perhaps the G20 can address this challenge.
-
-
I recently started a course – Harvard University Cybersecurity: Managing Risk in the Information Age, I have a decent security background but the goal of attending this course is to bolster that knowledge. It is working. I now know much more than previously and we are only getting started. One of the things this course has done is make me aware of forums like this. I was unaware of the CISA act but agree that it critical and a step in the right direction. Private organizations and Governments are under ever increasing attacks. Clearly most current mechanisms aren’t working. We all know you can never completely stop breaches but working together and regulating all organizations to adhere to standards should be useful.
-
Agree that the CISA Act of 2018 is a much-needed response to today’s growing cyberthreat environment. It will be interesting to see how government agencies and privately owned companies work together to identify and mitigate cyberthreats by nation states who have an army of hackers.
-
Interesting that while North Korea has not tested any missiles since the first summit with Trump, they have been very active in continued attacks on US interests. Hopefully the CISA Act will help us to better defend against future attacks as they do not seem to be diminishing.
http://time.com/5542687/north-korea-cyberattacks-lazarus-hanoi-summit/
You must be logged in to reply to this topic.
