Connect with us

Hi, what are you looking for?



CISA Offering Free Cybersecurity Services to Non-Federal Critical Infrastructure Entities

New CISA pilot program brings cutting-edge cybersecurity services to critical infrastructure entities that need support.

The US cybersecurity agency CISA has announced a new pilot program to provide managed cybersecurity services to critical infrastructure entities that need support.

For years, the agency has been acting as a managed service provider to the federal civilian government, which has resulted in reduced risks and cost-savings, in addition to delivering standardization.

Now, CISA is expanding support and cybersecurity expertise to non-federal critical infrastructure organizations in need of assistance with reducing cybersecurity risks.

“Scaling CISA-managed cybersecurity services for the segments of our critical infrastructure community that need it most is a cost-effective way to gain greater insight into our evolving threat environment, establish a common baseline of cyber protection, and, most importantly, reduce the frequency and impact of damaging cyber events,” the agency notes.

In addition to offering CISA-provided commercial shared services to critical infrastructure entities, the pilot program will allow the agency to stress-test its service delivery mechanisms and prove it can deliver these cybersecurity services at scale.

During the first phase of the deployment, CISA is providing services to healthcare, water, and K-12 education entities, with the final goal to embark up to 100 organizations this year.

The agency is also hosting roundtables and information sessions with critical infrastructure partners to understand their needs, identify issues, assess interest in CISA services, and find ways to provide more scalable support.

According to CISA, evolving threats and their high impact on everyday life increase the need for collective cyber defense. In the agency’s vision, “the ability to provide cost-effective, highly scalable, and innovative solutions to critical infrastructure entities in need of assistance is vital to our national cyber mission.”

Advertisement. Scroll to continue reading.

The services offered as part of the pilot program are free of charge. Interested entities are encouraged to contact security advisors at a CISA office in their region.

Related: CISA Gets Proactive With New Pre-Ransomware Alerts

Related: CISA Unveils Cybersecurity Strategic Plan for Next 3 Years

Related: MITRE and CISA Release Open Source Tool for OT Attack Emulation

Related: CISA Introduces Secure-by-design and Secure-by-default Development Principles

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join us as we delve into the transformative potential of AI, predictive ChatGPT-like tools and automation to detect and defend against cyberattacks.


As cybersecurity breaches and incidents escalate, the cyber insurance ecosystem is undergoing rapid and transformational change.


Expert Insights

Related Content

Cloud Security

Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to and Exchange Online.


Private equity giant plans to buy Forcepoint’s Global Governments and Critical Infrastructure (G2CI) business unit for $2.5 billion.


US National Cybersecurity Strategy pushes regulation, aggressive 'hack-back' operations.


Companies have announced securing billions of dollars in cybersecurity-related contracts with the United States government in 2022.


The proposed UK Online Safety Bill is the enactment of two long held government desires: the removal of harmful internet content, and visibility into...


CISA has described and published a set of principles for the development of security-by-design and security-by-default cybersecurity products.

Cloud Security

Redmond is accused of “negligent cybersecurity practices” that enabled a successful Chinese hack of the United States government.


TSA instructs airport and aircraft operators to improve their cybersecurity resilience and prevent infrastructure disruption and degradation.