User:Jonpcoombes/sandbox



The Cybersecurity and Infrastructure Security Agency (CISA) is a standalone United States federal agency, an operational component under Department of Homeland Security (DHS) oversight. Its activities are a continuation of the National Protection and Programs Directorate (NPPD). CISA was established on November 16, 2018 when President Donald Trump signed into law the Cybersecurity and Infrastructure Security Agency Act of 2018. Brandon Wales served as Acting Director until Jen Easterly was unanimously confirmed by the Senate on July 12, 2021 and became Director.

Former NPPD Under-Secretary Christopher Krebs was CISA's first Director, and former Deputy Under-Secretary Matthew Travis was its first Deputy Director. The expected role of CISA is to improve cybersecurity across all levels of government, coordinate cybersecurity programs with U.S. states, and improve the government's cybersecurity protections against private and nation-state hackers.

History
Formed in 2007, the National Protection and Programs Directorate (NPPD) was a component of the United States Department of Homeland Security. NPPD's goal was to advance the Department's national security mission by reducing and eliminating threats to U.S. critical physical and cyber infrastructure.

On November 16, 2018, President Trump signed into law the Cybersecurity and Infrastructure Security Agency Act of 2018, which elevated the mission of the former NPPD within DHS, establishing the Cybersecurity and Infrastructure Security Agency (CISA). CISA is a successor agency to NPPD, and assists both other government agencies and private sector organizations in addressing cybersecurity issues.

On January 22, 2019, CISA issued its first Emergency Directive (19-01: Mitigate DNS Infrastructure Tampering) warning that "an active attacker is targeting government organizations" using DNS spoofing techniques to perform man-in-the-middle attacks. Research group FireEye stated that "initial research suggests the actor or actors responsible have a nexus to Iran."

In 2020, CISA created a website, titled Rumor Control, to rebut disinformation associated with the 2020 United States presidential election. On November 12, 2020, CISA issued a press release asserting, "There is no evidence that any voting system deleted or lost votes, changed votes, or was in any way compromised." On the same day, Director Krebs indicated that he expected to be dismissed from his post by the Trump administration. Krebs was subsequently fired by President Trump on November 17, 2020 via tweet for his comments regarding the security of the election. Bryan Ware, assistant director at CISA, submitted his resignation on November 12 as well, with reports that his resignation had been requested.

''After the Colonial Pipeline cybersecurity incident in May 2021, the TSA created a National Security Directive that requires the Nation’s critical pipeline owners and operators to identify and report cybersecurity incidents to CISA. The new Security Directive also requires that a Cybersecurity Coordinator be identified by each pipeline owner or operator and an internal self-assessment be completed and reported to both CISA and TSA within 30 days. The establishment of the new Security Directive reinforces the important role that CISA plays in protecting the Nation’s critical infrastructure from physical and cyber threats. ''

''In June 2021, CISA released a list of “Bad Practices” focused on organizations categorized as Critical Infrastructure or National Critical Functions (NCF). The list of high-risk practices could potentially lead to significant impacts to national security, economic security, or national public health and safety.''

On July 12, 2021, the Senate confirmed Jen Easterly by a Voice Vote, directly after the Senate returned from its July 4th recess. Easterly’s nomination had been reported favorably out of Senate Committee on Homeland Security and Governmental Affairs on June 16, but a floor vote had been reportedly held by Senator Rick Scott over broader national security concerns, until the President or Vice President had visited the southern border with Mexico.

Role
An October, 2020 review in the Institute for World Politics student journal Active Measures stated that CISA apparently lacks an enforcement division. The Federal Protective Service, which reported to, until 2010, the U.S. Immigration and Customs Enforcement, was moved in May 2019 from CISA to the DHS Management Directorate.

''In November 2018, DHS established the Pipeline Cybersecurity Initiative (PCI) and asked CISA to lead efforts for tackling the growing risks associated with Nation’s pipeline infrastructure. With a concentration on pipelines that primarily transport oil and natural gas (ONG) products, CISA’s goal is to collaborate with the Nation’s pipeline owners and operators in preparing for potential cyber events. CISA will work closely with other government agencies in the support of this new role, including the Transportation Security Agency (TSA). The primary functions of PCI is to help pipeline owners and operators assess their current cybersecurity preparedness through assessments and information sharing. ''

''CISA offers non-cost cybersecurity assessment services to organizations, including assessments that focus on best practices, operational resiliency, and capabilities that promote a sustainable and effective cybersecurity framework. The assessments are voluntary in nature and are provided to improve an organizations cybersecurity posture while helping strengthen the critical infrastructure supporting the Nation''. CISA collaborates across both the public and private sectors to build trusted relationships and improve public safety emergency communications capabilities.

Performance
On 17 December 2020, it was revealed that several US agencies had been hit by a massive months-long intrusion by overseas hackers suspected to be from Russia.

Subcomponents
Real Fake, a 2020 graphic novel from CISA about disinformation and misinformation campaigns

CISA subcomponents include the:


 * Cybersecurity Division
 * Infrastructure Security Division
 * Emergency Communications Division
 * National Risk Management Center
 * Integrated Operations Division
 * Stakeholder Engagement Division
 * National Emergency Technology Guard (inactive, but can be activated by the director of CISA)