ORSYS le mag 2025 logo

The training and skills medium

Home > Cybersecurity glossary > CISA 🟩 Authority

CISA 🟩 Authority

La CISA (Cybersecurity and Infrastructure Security Agency) is a U.S. government agency attached to the Department of Homeland Security. Department of Home Security (Department of Homeland Security, DHS).

Created in 2018, this national cyber security authority s primary mission is to protect the United States' critical infrastructure and strengthen its security. cyber security national response to cyber and physical threats.

CISA budget (2025) :  3 billion

CISA workforce (2025) : 3,641 full-time equivalents (FTEs) out of a total of 4,021 positions

File:CISA Logo.png - Wikipedia

🎯 Main tasks

 

  1. Critical infrastructure protection :
    • Monitors and secures essential sectors (energy, transport, health, water, telecommunications, etc.) against terrorist attacks. cyber attacksor malicious acts.
  2. Cybersecurity :
    • Coordinates the defence of government and private networks against cyber threats (ransomwareespionage, state attacks).
    • Implements tools such as Shields Ready (preparation) and Shields Up (heightened alert) for organisations.
  3. Emergency management :
    • Ensures resilience emergency communication systems (e.g. network FirstNet for public services).
  4. Raising awareness and working together :
    • Publishes safety notice (e.g. : vulnerabilities best practice).
    • Collaborates with public (FBI, NSA), private and international partners.

🔑 Key activities

 

  • Risk analysis Identifies and assesses vulnerabilities in critical systems.
  • Incident response Response: Responds to major cyber attacks (e.g. ransomware attacks on hospitals).
  • Standards and guides Security: Proposes security frameworks (e.g. recommendations for the cloud, IoT).
  • Awareness campaigns Initiatives such as "Cybersecurity Awareness Month to educate the public.

📣 Target audience

 

CISA is aimed at a wide audience, including :

  • Government organisations (federal, state and local)
  • Critical infrastructure operators (companies managing energy, transport, health, etc.)
  • Private companies of all sizes, whatever their sector of activity
  • Local authorities (cities, counties, regions)
  • The general publicthrough its awareness campaigns.

Impact and scope

 

  • National Protects the strategic interests of the United States (e.g. elections, energy networks).
  • International Cyber: working with allies (NATO, EU) to combat transnational cyber threats.
Back to Glossary

field of training

Cybersecurity

associated training

Systems and network security, level 1

Hacking and security, level 1

Information systems security, summary

BEST

Towards the ORSYS Cyber Academy: a free space dedicated to cybersecurity