The US government wants to offer better cybersecurity to major infrastructure firms

News
By Sead Fadilpašić
published

CISA expands its security service offering

A digital representation of a lock
(Image credit: Altalex)

The US government's Cybersecurity and Infrastructure Security Agency (CISA) is expanding its managed cybersecurity services to critical infrastructure entities in a bid to further safeguard key platforms. 

The organization said its security project had proved a significant success so far, and that expanding it will not only help stress-test its capabilities but also take the load off security teams struggling to keep up with ever-intensifying attacks.

In a press release, CISA said it had started deploying its Protective Domain Name System (DNS) Resolver to pilot participants. Before that, the program was only available to federal civilian agencies.

Reader Offer: $50 Amazon gift card with demo

Reader Offer: $50 Amazon gift card with demo
Perimeter 81's Malware Protection intercepts threats at the delivery stage to prevent known malware, polymorphic attacks, zero-day exploits, and more. Let your people use the web freely without risking data and network security.

Preferred partner (What does this mean?

Target Rich, Resource Poor

“It is a proven, cost-effective solution that uses U.S. government and commercial threat intelligence to prevent systems from connecting to known or suspected malicious domains,” CISA explains. “Since 2022, CISA’s Protective DNS service has successfully blocked nearly 700 million connection attempts from federal agencies to malicious domains across the globe and continues to reduce the risk of the most common cyber risks like ransomware, phishing and malicious redirects.”

Now, CISA will expand its offering to “Target Rich, Resource Poor” critical infrastructure entities which will not only help these organizations, but also stress-test CISA’s service delivery mechanisms, demonstrating its ability to acquire, deploy, and operate cybersecurity services at scale. Furthermore, CISA expects the offering to result in greater insight into the evolving threat environment, as well as the establishment of a “common baseline of cyber protection”. Finally, reduced frequency and impact of cyberattacks is expected, too.

Organizations being brought into the fold operate in the healthcare, water, and K-12 education sectors. “This year, we plan to deliver services to up to 100 entities,” CISA concluded.

The project also includes hosting roundtables and information sessions with critical infrastructure firms in every region and across all sectors. The goal is to understand each individual firm’s needs and challenges, and to identify gaps in existing capabilities. “The insights obtained through these discussions and as a result of the Protective DNS pilot will inform our effort to better serve our nation’s critical infrastructure organizations,” the organization concluded.

Via The Record

More from TechRadar Pro

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.