The Cybersecurity and Infrastructure Security Agency (CISA) announced the launch of its new CISA Services Portal, which includes an updated cyber incident reporting form. This move is part of CISA’s ongoing efforts to enhance cyber incident reporting across the United States.
As the nation’s premier cyber defense agency and the national coordinator for critical infrastructure security, CISA leads the effort to understand, manage, and reduce risks to the digital and physical infrastructure that Americans depend on every day.
CISA Services Portal: A Secure and Enhanced Platform
The new CISA Services Portal is a secure platform designed to make cyber incident reporting more efficient and accessible. One of the significant improvements in this new portal is its integration with login.gov credentials, providing a streamlined and secure login process for users. This enhancement ensures that the platform is both user-friendly and secure, maintaining high standards of data protection and privacy.
The portal’s updated functionality offers several key features that simplify the reporting process. Users can now save and update their incident reports, a feature that was not available in the previous system. This allows organizations to provide ongoing updates about an incident without needing to start the reporting process from scratch. Additionally, the ability to share submitted reports with colleagues or clients is a new feature designed to facilitate third-party reporting, making it easier for organizations to collaborate with external partners and consultants.
Another significant enhancement is the search and filter capabilities within the portal, enabling users to easily access and manage their reports. This functionality is particularly beneficial for organizations handling multiple incidents or those involved in managing cyber risk across several entities or departments.
Collaboration and Communication
A new feature of the portal is its collaboration tool, which allows users to engage in informal discussions with CISA. This tool is intended to foster a more dynamic exchange of information and insights between CISA and the organizations it serves. Through these informal discussions, organizations can receive guidance and share details that might help refine CISA’s understanding of ongoing cyber threats and how best to respond to them.
Jeff Greene, CISA’s Executive Assistant Director for Cybersecurity, highlighted the importance of this new platform in a statement:
“Any organization experiencing a cyber attack or incident should report it – for its own benefit, and to help the broader community. CISA and our government partners have unique resources and tools to aid with response and recovery, but we can’t help if we don’t know about an incident. Sharing information allows us to work with our full breadth of partners so that the attackers can’t use the same techniques on other victims, and can provide insight into the scale of an adversary’s campaign. CISA is excited to make available our new portal with improved functionality and features for cyber reporting.”
Voluntary Cyber Incident Reporting
In conjunction with the launch of the new portal, CISA has also released a voluntary cyber incident reporting resource designed to guide organizations through the reporting process. This resource provides clear and concise information about who should report an incident, why and when reporting is critical, and what details should be included in a report. The aim is to encourage more organizations to proactively report cyber incidents, contributing to a more enhanced national defense against cyber threats.
The voluntary reporting resource also offers several tools and guidelines to help organizations understand the impact of cyber incidents and how best to manage their response. By making these resources readily available, CISA hopes to reduce the overall cyber risk for organizations across various sectors.
A Call to Action
CISA is urging all organizations, regardless of size or industry, to take advantage of the new portal and the resources available to them. Voluntarily reporting cyber incidents not only benefits the reporting organization by enabling access to CISA’s support and resources, but it also contributes to the broader national effort to prevent cyberattacks. When organizations share information about incidents, they provide CISA and its partners with valuable data that can be used to protect other potential victims and enhance the overall resilience of the nation’s digital infrastructure.