Word Notes 6.20.23
Ep 153 | 6.20.23

CISA (noun)


Rick Howard: The word is: CISA

Rick Howard: Spelled: C for cybersecurity, I for infrastructure, S for security, and A for agency.

Rick Howard: Definition: A US Department of Homeland Security Agency tasked with supporting cyber and physical security for US critical infrastructure.

Rick Howard: Example sentence: CISA regularly issues public alerts regarding new vulnerabilities.

Rick Howard: Origin in Context: In 2018, US President Trump signed into law the Cybersecurity and Infrastructure Security Agency Act, which established CISA inside of the Department of Homeland Security DHS. According to the department's official website, CISA coordinates cybersecurity defense for the federal government acts as the incident responds execution arm for the National Cyber Defense and owns the responsibility of intelligence sharing. The National Cybersecurity and Communications Integration Center, the NCCIC and the United States Computer Emergency Response Team, the US CERT work for CISA. CISA manages four formal information sharing programs, one at the senior leadership level, the Joint Cyber Defense Collaborative, or the JCDC established in August of 2021 and three at the operator level enhanced Cybersecurity Services ECS, initially intended for communications service providers by US President Obama's Executive Order 136-36 in 2013.

Rick Howard: The Cyber Information Sharing and Collaboration program that shares unclassified information through trusted public private partnerships across all critical infrastructure sectors. And the DHS automated Indicator Sharing Program, AIS, that provides unclassified bidirectional machine to machine sharing of cyber threat indicators between the NCCIC and the private sector, ISACs, ISAOs, public sector, and international partners and companies. As of this writing, there have been two CISA directors. The first was Chris Krebs, who successfully supervised the US government's efforts to prevent voter fraud, both from within the country and from foreign influence operations in the 2020 presidential election. For his efforts, president Trump fired him over Twitter in November of 2020. Krebs successor as of July, 2021 is Jen Easterly most famous for establishing the JCDC, the government's Shields Up program to increase organizational vigilance and keep stakeholders informed about cybersecurity threats and destructive exploits against critical infrastructure and oversaw the government's efforts in remediating the Log4J crisis in December of 2021.

Rick Howard: Nerd Reference: Director Easterly is a bit of a nerd herself, which is one of the reasons we like her so much. Her Shields Up program refers to the classic Star Trek TV show Trope when any of the Starship captains raised their protective shields going into battle. In her keynote speech at the 2021 BlackHat Conference, she references the origin story of a certain friendly neighborhood, spider-Man. 

Jen Easterly: Our strength really comes from this incredible power of collaboration, but we know that with great power comes great responsibility. So one of my big priorities as the director is to ensure that we are maximizing this power is to cultivate and strengthen the incredible partnerships that we have, in particular with industry, with the academia, with researchers, with the hacker community to ensure that we are leveraging the best and brightest of this community for the collective defense of the nation. As I said, collaboration is in CISAs DNA, and I fundamentally believe that this approach will make us stronger.

Rick Howard: Word Notes is written by Tim Nodar, executive produced by Peter Kilpe, and edited by John Petrik and me, Rick Howard. The mix, sound design, and original music have all been crafted by the ridiculously talented Elliott Peltzman. We are privileged that N2K and podcasts, like Word Notes, are part of the daily intelligence routine of many of the most influential leaders and operators in the public and private sector, as well as the critical security teams supporting the Fortune 500 and many of the world's preeminent intelligence and law enforcement agencies. N2K strategic workforce intelligence optimizes the value of your biggest investment people. We make you smarter about your team while making your team smarter. Learn more at N2K.com and thanks for listening.