Now Available: 2025 Year in Review with CISA logo and blue, red, and green box decoration on the boarders of a blue background

CISA’s 2025 Year in Review

Efficiency. Modernization. Resilience. See how CISA focused tightly on our agency’s core mission: protecting America’s critical infrastructure from cyber and physical threats.

Read the Year in Review
Guidance: Barriers to Secure OT Communication: Why Johnny Can't Authenticate with a hand reaching towards a screen with a red lock and computer code behind it

CISA RELEASES GUIDANCE ON BARRIERS TO SECURE OT COMMUNICATION: WHY JOHNNY CAN’T AUTHENTICATE

This guidance outlines key barriers to secure communication and provides actionable recommendations for vendors and asset owners and operators to improve the usability and adoption of secure protocols.

Read Guidance
Binding Operational Directive Mitigating Risks from End-of-Support Edge Devices

CISA Directive Focuses on Mitigating Risks from End-of-Support Edge Devices

Federal agencies must take immediate action to inventory, remove, and replace all unsupported edge devices. This guidance is relevant for all organizations seeking to strengthen network security and reduce vulnerabilities.

Read the Directive
Super Bowl LX: Strengthening Preparation, Building Resilience, Fostering Partnerships

Super Bowl LX: Strengthening Preparation, Building Resilience, Fostering Partnerships

Together with the NFL, DHS, and local, state, and private-sector partners, CISA coordinated a year-long initiative to protect people, venues, and critical infrastructure to ensure a safe and successful championship game.

Read the Blog
Assembling a Multi-Disciplinary Insider Threat Management Team with a large group of people in business attire standing together as if taking a group photograph

Assembling A Multi-Disciplinary Insider Threat Management Team

Critical infrastructure and SLTT stakeholders will find detailed guidance on assembling, deploying and maintaining a multi-disciplinary team, an essential group for comprehensive insider threat mitigation.

Learn More
CISA Response to EO 14306: Product Categories for Technologies that Use PQC Standards, with CISA logo and a blue key that blends into code in the background

Product Categories for Technologies That Use Post-Quantum Cryptography Standards

This guidance aims to aid in post-quantum cryptography adoption and includes hardware and software categories with example types of widely available products that protect sensitive information.

Review the List

News Updates

View More News

Latest Operational Information

View All Alerts & Advisories Subscribe to Updates

How can we help?

All Audiences
Main St, street sign

Find Help Locally

Contact your Region

Assist Visits

Protected Critical Infrastructure Information

IT professional working at computers

Industry

Secure by Design

Information Sharing: A Vital Resource

PCII Program modernized

Joint Cyber Defense Collaborative expands

A small business worker making a transaction with a customer

Small and Medium Businesses

Cyber guidance for small businesses

Supplementing passwords

Doing business with CISA

Teenager boy and classmates in high school computer class

Educational Institutions

School Safety

Cybersecurity for K-12

K-12 School Security Product Suite

Protecting Our Future: Partnering to Safeguard K-12 Organizations from Cybersecurity Threats

All Audiences

JCDC unifies cyber defenders from organizations worldwide. This team proactively gathers, analyzes, and shares actionable cyber risk information to enable synchronized, holistic cybersecurity planning, cyber defense, and response.

JCDC

StopRansomware.gov is the U.S. Government's official one-stop location for resources to tackle ransomware more effectively.

STOPRANSOMWARE

SAFECOM works to improve emergency communications interoperability across local, regional, tribal, state, territorial, international borders, and with federal government entities.

SAFECOM

Additional CISA Resources

abstract cyber space

CISA Resources & Tools

CISA offers an array of free resources and tools, such as technical assistance, exercises, cybersecurity assessments, free training, and more.

Image of an event with speaker and participants

CISA Events

CISA hosts and participates in events throughout the year to engage stakeholders, seek research partners, and communicate with the public to help protect the homeland.

CISA Services Catalog

A single resource that provides you with access to information on services across CISA’s mission areas.

Employees pictured during training session

CISA Training

As part of our continuing mission to reduce cybersecurity and physical security risk, CISA provides a robust offering of cybersecurity and critical infrastructure training opportunities.