Light Dark
September 30, 2024 By Sue Poremba 2 min read
News

Information sharing just got more efficient. In August, the Cybersecurity and Infrastructure Security Agency (CISA) launched the CISA Services Portal.

“The new CISA Services Portal improves the reporting process and offers more features for our voluntary reporters. We ask organizations reporting an incident to provide information
on the impacted entity, contact information, description of the incident, technical indications and steps taken,” a CISA spokesperson said in an email statement.

“Reported incidents enable CISA and our partners to help victims mitigate the effects, limit the ability of malicious actors to use the same techniques to execute multiple intrusions and better understand the scale of adversary campaigns. Information sharing not only helps the victim but other potential victims as well,” the spokesperson added.

How the portal works

CISA uses NIST Special Publication 800-61 Revision 2, Computer Security Incident Handling Guide, to provide guidance on how to define a cyber incident. These include:

•    Attempts to gain unauthorized access to a system or its data
•    Unwanted disruption or denial of service
•    Abuse or misuse of a system or data in violation of policy

The portal covers more than just cyber incidents. Users can also report malware, software vulnerabilities, threat indicators and government website vulnerabilities. One exception to what can be reported from the CISA Services Portal: Users reporting a cyberattack on the critical infrastructure are instructed to follow a different submission link per CIRCIA requirements.

When you click on the link to report an incident, it will walk you through the process, from identification of the organization to detailed incident description to the technical aspects associated with the incident.

What makes this portal different

There are a lot of different breach reporting portals and websites out there, so what makes CISA’s different? First, it is completely voluntary and open to all entities across the country to use, but it is also a stand-alone government portal. It does not replace any reporting processes required by federal, state, local and/or industry regulations. An organization required to report a breach to the FTC or FCC, for example, will still have to follow those procedures.

Reporting can be done on behalf of an organization or by an individual user. Users can set up an account and use the portal to chat with CISA about their cybersecurity questions and concerns. Reports filed can be saved, updated and shared.

What truly makes CISA’s portal unique is the agency’s ability to assist in an organization’s incident response and recovery efforts. This is especially vital for small and medium-sized businesses that may not have the resources to mitigate an incident efficiently.

Again, even though reporting to CISA is not mandatory, the agency encourages all organizations and entities to voluntarily report cyber incidents or anomalous activity. CISA does ask anyone reporting an incident to have as much information as possible about the breach and mitigation efforts. The agency has produced a guide to help victims prepare to make their reports.

“Any organization experiencing a cyberattack or incident should report it – for its own benefit and to help the broader community. CISA and our government partners have unique resources and tools to aid with response and recovery, but we can’t help if we don’t know about an incident,” said CISA Executive Assistant Director for Cybersecurity Jeff Greene in a formal statement covering the portal’s announcement.

 |  |  |  | 
Sue Poremba

More from News
November 18, 2024

Research finds 56% increase in active ransomware groups

4 min read - Any good news is welcomed when evaluating cyber crime trends year-over-year. Over the last two years, IBM’s Threat Index Reports have provided some minor reprieve in this area by showing a gradual decline in the prevalence of ransomware attacks — now accounting for only 17% of all cybersecurity incidents compared to 21% in 2021. Unfortunately, it’s too early to know if this trendline will continue. A recent report released by Searchlight Cyber shows that there has been a 56% increase in…

November 4, 2024

Cyberattack on American Water: A warning to critical infrastructure

3 min read - American Water, the largest publicly traded United States water and wastewater utility, recently experienced a cybersecurity incident that forced the company to disconnect key systems, including its customer billing platform. As the company’s investigation continues, there are growing concerns about the vulnerabilities that persist in the water sector, which has increasingly become a target for cyberattacks. The breach is a stark reminder of the critical infrastructure risks that have long plagued the industry. While the water utility has confirmed that…

October 28, 2024

CISA and FBI release secure by design alert on cross-site scripting 

3 min read - CISA and the FBI are increasingly focusing on proactive cybersecurity and cyber resilience measures. Conjointly, the agencies recently released a new Secure by Design alert aimed at eliminating cross-site Scripting (XSS) vulnerabilities, which have long been exploited to compromise both data and user trust. Cross-site scripting vulnerabilities occur when a web application improperly handles user input, allowing attackers to inject malicious scripts into web pages that are then executed by unsuspecting users. These vulnerabilities are dangerous because they don't attack…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature