CISA: Cybersecurity Best Practices


Cyberspace is particularly difficult to secure due to a number of factors: the ability of malicious actors to operate from anywhere in the world, the linkages between cyberspace and physical systems, and the difficulty of reducing vulnerabilities and consequences in complex cyber networks. Implementing safe cybersecurity best practices is important for individuals as well as organizations of all sizes. Using strong passwords, updating your software, thinking before you click on suspicious links, and turning on multi-factor authentication are the basics of what we call “cyber hygiene” and will drastically improve your online safety. These cybersecurity basics apply to both individuals and organizations. For both government and private entities, developing and implementing tailored cybersecurity plans and processes is key to protecting and maintaining business operations. As information technology becomes increasingly integrated with all aspects of our society, there is increased risk for wide scale or high-consequence events that could cause harm or disrupt services upon which our economy and the daily lives of millions of Americans depend.

CISA’s Role

In light of the risk and potential consequences of cyber events, CISA strengthens the security and resilience of cyberspace, an important homeland security mission. CISA offers a range of cybersecurity services and resources focused on operational resilience, cybersecurity practices, organizational management of external dependencies, and other key elements of a robust and resilient cyber framework. CISA helps individuals and organizations communicate current cyber trends and attacks, manage cyber risks, strengthen defenses, and implement preventative measures. Every mitigated risk or prevented attack strengthens the cybersecurity of the nation.

  • Secure by Design, Secure by Default: It’s time to build cybersecurity into the design and manufacture of technology products. Find out here what it means to be secure by design and secure by default.
  • Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Security-by-Design and -Default: Joint guidance by U.S. and international partners that urges software manufacturers to take urgent steps to ship products that are secure by design and secure by default.
  • Shields Up: Stay Shields Up! to prepare for, respond to, and mitigate the impact of cyber-attacks. CISA is here to support you and your cybersecurity needs with expert resources, tools, and services to protect you from cyber threats.
  • Cybersecurity Best Practices Services: Explore the cybersecurity services CISA offers that are available to Federal Government; State, Local, Tribal and Territorial Government; Industry; Educational Institutions; and General Public stakeholders.