CYBER THREAT SHARING - WHAT IS IT & WHY IT'S IMPORTANT
Cyber threat information is any information that can help an organization identify, assess, monitor, and respond to cyber threats. Examples of cyber threat information include indicators (system artifacts or observables associated with an attack), TTPs (Tactics, Techniques and Procedures), security alerts, threat intelligence reports, and recommended security tool configurations.
Most organizations already produce multiple types of cyber threat information that are available to share internally as part of their information technology and security operations efforts. By exchanging cyber threat information within a sharing community, organizations can leverage the collective knowledge, experience, and capabilities of that sharing community to gain a more complete understanding of the threats the organization may face.
ACT NOW TO PROTECT AGAINST INCREASED CYBER RISKS
Russia’s invasion of Ukraine could impact organizations both within and beyond the region, to include malicious cyber activity against the U.S. homeland, including as a response to the unprecedented economic costs imposed on Russia by the U.S. and our allies and partners. Every organization—large and small—must be prepared to respond to disruptive cyber incidents. As the nation’s cyber defense agency, CISA stands ready to help organizations prepare for, respond to, and mitigate the impact of cyberattacks. When cyber incidents are reported quickly, we can use this information to render assistance and as warning to prevent other organizations and entities from falling victim to a similar attack. CISA continues to encourage our stakeholders to voluntarily share information about cyber-related events that could help mitigate current or emerging cybersecurity threats to critical infrastructure.
Organizations can also report anomalous cyber activity and/or cyber incidents 24/7 to email@example.com or (888) 282-0870.
CISA's Shields Up site provides the latest guidance and information to help organizations increase their resilience to cyber attacks and protect people and property. This robust catalog of free resources will be especially helpful today, as the cybersecurity threats facing the world have increased exponentially.
THREAT DETECTING AND SHARING RESOURCES
- CyberSecurity & Infrastructure Security Agency (CISA)
- SANS Internet Storm Center
- Indiana Infragard
- Common Vulnerabilities and Exposures (Mitre CVE list)
- Cyber Information Sharing and Collaboration Program (CISCP)
- Enhanced Cybersecurity Services (ECS)
- Industrial Control Systems Cyber Emergency Response Team (ICS-CERT)
- Multi-State Information Sharing & Analysis Center (MS-ISAC)
- SLTT Cyber Information Sharing Program | CISA
- Infrastructure Protection Gateway (IP Gateway)
- Department of Homeland Security’s (DHS) free Automated Indicator Sharing (AIS)
REPORT A CYBER INCIDENT
Cybercrime includes identity theft, cyber-attacks (such as ransomware, malware, denial-of-service, etc.), fraud, and violating privacy. Whether you are an organization experiencing a cyber-attack or an individual who is a victim of identity theft, follow the below steps to report the cybercrime and begin recovering.
New government reporting requirements: Indiana lawmakers passed legislation in 2021 that will increase the amount of information sharing regarding cyberattacks and other threats across state agencies and local government. This new law requires public-sector entities to report incidents such as ransomware, software vulnerability exploitations, denial-of-service attacks and more. Learn more.
How do I report an incident if I am a government entity?
The law requires a primary contact for each governmental organization. Organizations can provide multiple contacts as long as they are authorized to report incidents and receive any information resulting from incident reporting.
SIGN UP TO BE A POINT OF CONTACT FOR YOUR ORGANIZATION:
REPORT A CYBERSECURITY INCIDENT:
BE ALERT - STOP RANSOMWARE
Known as a form of malware designed to encrypt files on a device, rendering any files and the systems they rely on as unusable, Ransomware is used by malicious actors to demand a ransom in exchange for decryption. StopRansomware.gov is the U.S. Government's official, one-stop source for resources to tackle this problem more effectively.