|
NIMS Information Bulletin 01-22 |
|
NIMS Information
Bulletin 01-22
|
|
Cyber Resources for State, Local, Tribal and Territorial Partners |
|
|
The threat of cyber-attacks requires collaboration among emergency managers, cyber professionals and other key stakeholders to build resilience and respond to cyber incidents. The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) leads the national effort to understand, manage and reduce risk to cyber and physical infrastructure.
Cyber incidents have the potential to disrupt essential services, and may result from malicious attacks, natural disasters, human error or equipment failures. CISA connects partners in industry and government to each other and to resources, analyses and tools to help them build their own cyber, communications and physical security and resilience, in turn helping to ensure a secure and resilient infrastructure for the American people.
|
|
|
CISA’s Cyber Resource Hub includes information on cybersecurity services and assessments to build cyber resilience and identify associated risks. These services can help jurisdictions prioritize where to invest their efforts to strengthen and protect critical assets.
Jurisdictions should also consider the potential for disinformation campaigns as part of holistic risk management activities. Threat actors may use false, manipulated or misleading information to influence victims, cause confusion and undermine public trust. CISA’s Mis-, Dis-, and Malinformation (MDM) Team provides resources to build resilience to MDM and foreign influence activities.
Funded by CISA, the Multi-State Information Sharing and Analysis Center (MS-ISAC) serves as a no-cost resource for situational awareness, best practices, information sharing and incident response for SLTT government entities. SLTT governments can join the MS-ISAC at no cost and receive access to tools and resources such as cybersecurity advisories and alerts, mitigation and incident response resources and table-top exercises.
Cyber Risk Management Resources for SLTT Partners
|
|
A guide for leaders of small businesses and small and local government agencies to develop an actionable understanding of where to start implementing organizational cybersecurity best practices. |
|
A range of cybersecurity assessments that evaluate operational resilience, cybersecurity practices, organizational management of external dependencies and other key elements of a robust and resilient cyber framework. |
|
No-cost cyber incident response training for government employees and contractors across federal and SLTT governments. |
|
A one-stop resource with best practices and ways to prevent, protect against and/or respond to a ransomware attack. Includes a ransomware response checklist. |
|
|
A standard set of operational procedures to be used in planning and conducting cybersecurity vulnerability and incident response activities for federal civilian agency information systems. Also applicable for SLTT government use.
|
|
|
Funded by CISA as the focal point for cyber threat prevention, protection, response and recovery for the Nation’s SLTT governments. |
|
A no-cost, anonymous, annual self-assessment conducted by the MS-ISAC on CISA’s behalf to measure gaps and capabilities of SLTT governments’ cybersecurity programs. Based on the National Institute of Standards and Technology Cybersecurity Framework. |
|
A framework of standards, guidelines, and practices to promote the protection of critical infrastructure. The framework’s prioritized, flexible, repeatable and cost-effective approach helps owners and operators of critical infrastructure manage cybersecurity-related risk. |
|
|
NIMS provides stakeholders across the whole community with the shared vocabulary, systems and processes to successfully deliver the capabilities described in the National Preparedness System. It defines operational systems that guide how personnel work together during incidents.
|
|
|
|
