Language Translation
  Close Menu

Section

Breadcrumbs

Cyber Threat Sharing

CYBER THREAT SHARING - WHAT IS IT & WHY IT'S IMPORTANT

Cyber threat information is any information that can help an organization identify, assess, monitor, and respond to cyber threats. Examples of cyber threat information include indicators (system artifacts or observables associated with an attack), TTPs (Tactics, Techniques and Procedures), security alerts, threat intelligence reports, and recommended security tool configurations.

Most organizations already produce multiple types of cyber threat information that are available to share internally as part of their information technology and security operations efforts. By exchanging cyber threat information within a sharing community, organizations can leverage the collective knowledge, experience, and capabilities of that sharing community to gain a more complete understanding of the threats the organization may face.

ACT NOW TO PROTECT AGAINST INCREASED CYBER RISKS

Every organization—large and small—must be prepared to respond to disruptive cyber incidents. As the nation’s cyber defense agency, CISA stands ready to help organizations prepare for, respond to, and mitigate the impact of cyberattacks. When cyber incidents are reported quickly, we can use this information to render assistance and as warning to prevent other organizations and entities from falling victim to a similar attack. CISA continues to encourage our stakeholders to voluntarily share information about cyber-related events that could help mitigate current or emerging cybersecurity threats to critical infrastructure.

Organizations can also report anomalous cyber activity and/or cyber incidents 24/7 to report@cisa.gov or (888) 282-0870.

CISA's Shields Up site provides the latest guidance and information to help organizations increase their resilience to cyberattacks and protect people and property. This robust catalog of free resources will be especially helpful today, as the cybersecurity threats facing the world have increased exponentially.

THREAT DETECTING AND SHARING RESOURCES

REPORT A CYBER INCIDENT

Cybercrime includes identity theft, cyber-attacks (such as ransomware, malware, denial-of-service, etc.), fraud, and violating privacy. Whether you are an organization experiencing a cyber-attack or an individual who is a victim of identity theft, follow the below steps to report the cybercrime and begin recovering.

New government reporting requirements: Indiana lawmakers passed legislation in 2021 that will increase the amount of information sharing regarding cyberattacks and other threats across state agencies and local government. This new law requires public-sector entities to report incidents such as ransomware, software vulnerability exploitations, denial-of-service attacks and more. Learn more.

How do I report  an incident if I am a government entity?

The law requires a primary contact for each governmental organization. Organizations can provide multiple contacts as long as they are authorized to report incidents and receive any information resulting from incident reporting.

SIGN UP TO BE A POINT OF CONTACT FOR YOUR ORGANIZATION:

https://public.govdelivery.com/accounts/INIOT/signup/26666

REPORT A CYBERSECURITY INCIDENT:

https://in.accessgov.com/cybersecurity/Forms/Page/cybersecurity/incident-reporting-form/0

BE ALERT - STOP RANSOMWARE

Known as a form of malware designed to encrypt files on a device, rendering any files and the systems they rely on as unusable, Ransomware is used by malicious actors to demand a ransom in exchange for decryption. StopRansomware.gov is the U.S. Government's official, one-stop source for resources to tackle this problem more effectively.

CYBER NEWS