The Cybersecurity Infrastructure and Security Agency (CISA) rolled out its Cybersecurity Shared Services Pilot Program. CISA is determined to support 'target rich, resource poor’ entities like healthcare providers and the K-12 education sector that are in desperate need of sophisticated cybersecurity measures.
.png?width=1920&height=1080&name=CISA%E2%80%99s%20Cybersecurity%20Shared%20Services%20Pilot%20Program%20(1).png)
On November 17th 2023, the Cybersecurity Infrastructure and Security Agency (CISA) launched its Cybersecurity Shared Services Pilot Program. The program is “designed to deliver cutting-edge cybersecurity shared services on a voluntary basis to critical infrastructure entities that are most in need of support.” It appears that the first priority for CISA is to help critical infrastructure organizations that are ‘target rich, resource poor’ - like healthcare providers, and the K-12 education sector. CISA has already made a lot of headway in helping these sectors, with a Healthcare and Public Health Cybersecurity Toolkit and commitments to improve cybersecurity in US K-12 schools being released this year. In all, CISA plans to share its services with up to 100 entities.
The pilot program comes in the context of more cyberattacks targeting critical infrastructure. Many people are familiar with the 2021 Colonial Pipeline ransomware attack that resulted in a large-scale disruption in fuel supplies on the East Coast. As cyberattacks become more sophisticated, the impacts of threat actors on critical infrastructure have become more serious. The Volt Typhoon attack earlier this year proved that US critical infrastructure organizations are already ideal targets for foreign actors.
The Cybersecurity Shared Services Pilot Program is an extension of the Protective Domain Name System (DNS) Resolver, which was released a month prior to pilot participants. The DNS resolver prevents systems from connecting to known or suspected malicious domains, which is a valuable safeguard against malware, by reducing the risk of ransomware, phishing, and malicious redirects. Since its launch in 2022, the application has been used to block almost 700 million connection attempts from federal agencies to malicious domains.
At first, these tools were only available to federal civilian agencies but now they can be used by any part of the critical infrastructure community that is most in need of the protection. Other program goals include locating important infrastructure groups that are interested in using shared services provided by CISA, putting the service delivery methods to the test under stressful conditions, and showing that they can successfully buy, set up, and run these cybersecurity services on a large scale.
Though the program has just begun, CISA is already looking for insights on how to improve through roundtables and information sessions that they plan to host across many sectors. They’re hoping to identify the needs and challenges, their current capabilities, to better understand how CISA can provide better support on a larger scale.
Companies interested in participating in the pilot program can contact their regional CISA office.
The progress made by the Cybersecurity Shared Services Pilot Program so far indicates a promising start, and one can only anticipate further strides in proactively protecting and bolstering the cyber defenses of those who need it most.