CISA definitionThe Cybersecurity and Infrastructure Security Agency (CISA) is a new federal agency, created to protect the nation's critical infrastructure.It was created through the Cybersecurity and Infrastructure Security Agency Act of 2018, which was signed into law on November 16, 2018. That legislation \u201crebranded\u201d the Department of Homeland Security's (DHS's) National Protection and Programs Directorate (NPPD) as the Cybersecurity and Infrastructure Security Agency and transferred resources and responsibilities of NPPD to the newly created agency. Prior to the passage of the bill, NPPD managed almost all of DHS\u2019s cybersecurity-related matters.CISA is responsible for protecting the nation\u2019s critical infrastructure from physical and cyber threats. Its mission is to \u201cbuild the national capacity to defend against cyber attacks\u201d and to work \u201cwith the federal government to provide cybersecurity tools, incident response services and assessment capabilities to safeguard the .gov networks that support the essential operations of partner departments and agencies.\u201dWithin CISA are two chief centers that are integral to the agency\u2019s mission. The first, the National Cybersecurity and Communications Integration Center (NCCIC), provides 24x7 cyber-situational awareness, analysis, incident response and cyber-defense capabilities to the federal government; state, local, tribal and territorial governments; the private sector; and international partners. The second important center, the National Risk Management Center (NRMC) is a planning, analysis and collaboration center working to identify and address the most significant risks to the nation\u2019s critical infrastructure.Like NPPD before it, CISA also oversees within DHS the Federal Protective Service (FPS), the Office of Cyber and Infrastructure Analysis (OCIA), the Office of Cybersecurity & Communications (OC&C) and the Office of Infrastructure Protection (OIP). (The CISA Act of 2018, however, mandated that DHS review whether FPS, which is responsible for the physical security of nearly 10,000 federal buildings and their occupants, should be moved to another parent agency inside DHS or to another federal agency. It also moved the Office of Biometric Identity Management from NPPD to the DHS Management Directorate.)With its creation and elevation to the status of a federal agency, CISA became an independent arm within DHS on par with the Secret Service or Federal Emergency Management Agency (FEMA). Former NPPD Under Secretary Christopher Krebs is CISA's first director. Matthew Travis, former deputy undersecretary at NPPD, is the new agency\u2019s first deputy director. The FY 2020 President\u2019s Budget proposes spending $3.17 billion for CISA, which includes $1.6 billion in budget authority for fees collected from federal agencies in support of the Federal Protective Service.History of CISAFollowing the massive breach of the Office of Personnel Management in 2015, when sensitive personal data on 22 million current and former federal employees was stolen by suspected Chinese hackers, it became increasingly clear to many experts that the DHS was not in a strong position to adequately create a national response to the growing threat of foreign attackers infiltrating critical resources. \u00a0As more foreign incursions into U.S. IT infrastructure and other forms of cybersecurity attacks ramped up, leading experts began to call for the creation of a new agency better situated to tackle the growing problems.\u201cThe department\u2019s cybersecurity strategy was submitted over a year late, the organization lacks a sufficient \u2018brand\u2019 to recruit and retain top talent, and many companies have proven reluctant to collaborate with it,\u201d General David Petraeus, U.S. Army (Ret.) and Kiran Sridhar said in Politico in 2018 about the need for a national cybersecurity agency.DHS\u2019s cybersecurity strategy, the DHS Cybersecurity Strategy, unveiled in May 2018, presented a strategic framework to execute the government\u2019s cybersecurity responsibilities during the following five years. Both the strategy and the earlier Presidential Policy Directive 21- Critical Infrastructure Security and Resilience emphasized an integrated approach to managing risk, lending greater credence to the creation of a separate cybersecurity agency.That integrated approach is what CISA was formed to foster, CISA chief Krebs has emphasized. When NPPD was established,\u00a0 it was a \u201cconglomeration of disparate security programs within DHS that didn\u2019t fit neatly within TSA, or FEMA, or other established legacy agencies,\u201d he said at an event in 2018. So over time as the threat landscape, particularly from a cybersecurity perspective, has evolved and the department\u2019s role has been clarified and strengthened by Congress, it really became clear that the department needed a single voice, a single agency or organization who was able to carry out the [DHS] secretary\u2019s critical infrastructure protection and cybersecurity authorities.\u201dAside from the need for an integrated approach to the nation\u2019s cybersecurity threats, CISA was created to solve what security professionals and government officials frequently referred to as a \u201cbranding\u201d problem DHS faced with NPPD. The former NPPD\u2019s name was \u201cincomprehensible and unpronounceable\u201d according to Krebs, making the group\u2019s activities less recognizable among key stakeholders.\u201cI\u2019m not a grammar snob, but when you look at that construction, it\u2019s problematic on a number of fronts,\u201d CISA\u2019s Travis said at a conference in August 2018. \u201cOne, cyber\u2019s not in the name. Two, if they just called us the National Protection Directorate, that would be fine. That covers what we do. And if they called it the National Protection Programs Directorate, that\u2019s fine. It\u2019s a little wordy, but we do run programs. But it\u2019s the National Protection and Programs Directorate. It sounds like we do national protection over here and we\u2019re doing some interesting stuff over here that\u2019s not related.\u201dCISA\u2019s early daysThe agency is currently in the process of formulating a working plan to tackle a wide range of responsibilities and establish the integrated approach to cybersecurity it was founded to develop. \u201cI\u2019m looking at the next year and really the next two-years. We give ourselves two years to mature the organization and have it be the CISA we known it can be,\u201d CISA\u2019s Krebs tells CSO in an interview.The agency is currently engaged in listening sessions with private sector and government stakeholders as it creates organizational and mission plans. Krebs has widely outlined five discrete lines of effort that have \u201cmission opportunity\u201d but also \u201cmission risk,\u201d including tackling supply chain threats to upcoming 5G networks, improving election security, bolstering government network security, protecting industrial control systems and still keeping an eye on physical security.Even as it develops its long-term strategic goals, CISA has already launched a number of initiatives. The agency, along with industry members of the Information and Communications Technology (ICT) Supply Chain Risk Management Task Force, kicked off efforts to identify and develop collaborative solutions to global supply chain risk, a timely topic given the Trump Administration\u2019s push to bar Chinese telecom and tech giants from gaining a foothold in telecom and other critical infrastructure due to fears that Chinese tech suppliers embed surveillance technologies in their products at the behest of the Chinese government. CISA is also working on election security issues, having established task forces that bring together a broad set of resources, including temporary detailees from other parts of DHS, to quickly address this threat ahead of the 2020 elections.In late April 2019, CISA released the inaugural set of National Critical Functions, which identifies functions so critical to the government and private sector, such as electricity distribution or internet service, that any disruption in them could cause debilitating effects on security, national economic security, national public health or safety. CISA has also emerged as a key player in implementing an Executive Order directing the federal government to take critical steps to strengthen and bolster America\u2019s cybersecurity workforce given the chronic workforce shortages the cybersecurity sector faces.More recently, CISA\u2019s Krebs used his agency\u2019s new-found visibility to warn the country that Iran is stepping up its malicious cyber activity and seeks to do more than steal data and money by launching destructive \u201cwiper attacks\u201d that can actively destroy networks.Collaboration with critical infrastructure owners and operatorsBecause the private sector owns and operates most of the critical infrastructure in the U.S., CISA sees working with critical infrastructure owners and operators as central to its mission. The agency worked closely with industry partners in mapping out the Critical Functions list because, as an agency spokesperson tells CSO, \u201cNeither government nor the private sector alone has the knowledge, authority, or resources to do it. Public-private partnerships are the foundation for effective critical infrastructure security and resilience strategies, and timely, trusted information sharing among stakeholders is essential to the security of the nation\u2019s critical infrastructure.\u201dInformation sharing with industry is also key to other CISA programs such as the Automated Indicator Sharing (AIS) program, which is an early warning system that allows a company or federal agency to share information in near real-time after an attempted compromise has been observed. The goal of AIS is to allow industry and government partners to protect themselves before an intrusion occurs.CISA says that since March 2016 (a timeframe that includes its previous incarnation as NPPD), it has shared more than six million unique cyber threat indicators with partners. The agency currently has more than 250 organizations connected to its AIS server and more than 4,000 third-party AIS connections, a CISA spokesperson says.CISA also helps organizations better manage cybersecurity risks by helping them navigate the use the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF), along with other agency best practices. Finally, CISA encourages CISOs to be engaged with and join their respective Information Sharing and Analysis Centers (ISACs) to facilitate information exchange within their sectors.