The Cybersecurity and Infrastructure Security Agency (CISA) is an operational component of the U.S. Department of Homeland Security (DHS) established by the Cybersecurity and Infrastructure Security Agency Act of 2018, which President Donald Trump signed into law on November 16, 2018. The act elevated and renamed the former DHS National Protection and Programs Directorate (NPPD), giving it standalone agency status and a clearer mandate.
CISA's core mission is to understand, manage, and reduce risk to the cyber and physical infrastructure that Americans rely on. Its responsibilities span several domains:
- Cybersecurity services for federal civilian executive branch agencies, including operating intrusion-detection capabilities and issuing Binding Operational Directives and Emergency Directives.
- Critical infrastructure protection across the 16 sectors designated under Presidential Policy Directive 21 (2013), such as energy, water, financial services, and healthcare.
- Election security, a role expanded after election infrastructure was designated a critical infrastructure subsector in January 2017.
- Emergency communications, inherited from the former Office of Emergency Communications.
- Coordination with the private sector through the Joint Cyber Defense Collaborative (JCDC), launched in August 2021.
CISA publishes the widely cited Known Exploited Vulnerabilities (KEV) Catalog, maintains the StopRansomware.gov portal jointly with partners, and issues public advisories on threats from state-linked actors. The agency was led by Christopher Krebs from its founding until November 2020, by Jen Easterly from July 2021 through January 2025, and has since seen leadership transitions under the second Trump administration.
For international affairs researchers, CISA is significant because it is a frequent counterpart to allied cyber agencies such as the UK's National Cyber Security Centre (NCSC), Germany's BSI, and Australia's ACSC, and it participates in joint attribution statements regarding state-sponsored intrusions linked to actors including Russia, China, Iran, and North Korea.
Example
In February 2022, CISA issued the "Shields Up" advisory urging U.S. organizations to adopt a heightened cybersecurity posture in response to Russia's invasion of Ukraine.
Frequently asked questions
CISA was established on November 16, 2018, when President Trump signed the Cybersecurity and Infrastructure Security Agency Act, reorganizing the former DHS National Protection and Programs Directorate.
Keep learning