The US government wants to offer better cybersecurity to major infrastructure firms
The U.S. government’s Cybersecurity and Infrastructure Security Agency (CISA) is expanding its managed cybersecurity services to critical infrastructure entities in an effort to further protect key platforms.
The organization says its security project has proven to be a significant success to date, and its expansion will not only help test capabilities but also relieve the burden on security teams struggling to keep up with increasingly intense attacks.
In a press release, CISA says said it had begun deploying its Protective Domain Name System (DNS) Resolver to pilot participants. Previously, the program was only available to federal civilian agencies.
Rich in goals, poor in resources
“It is a proven, cost-effective solution that uses U.S. government and commercial threat intelligence to prevent systems from connecting to known or suspected malicious domains,” CISA explains. “Since 2022, CISA’s Protective DNS service has successfully blocked nearly 700 million connection attempts from federal agencies to malicious domains around the world and continues to reduce the risk of the most common cyber risks such as ransomware, phishing and malicious redirects.”
Now, CISA will expand its offering to Target Rich, Resource Poor entities with critical infrastructure, which will not only help these organizations but also stress test CISA’s service delivery mechanisms, demonstrating its ability to deliver cybersecurity services at scale to acquire, deploy and exploit. . Additionally, CISA expects the offering to result in a better understanding of the evolving threat environment, as well as the creation of a “common baseline of cyber defense.” Finally, a reduced frequency and impact of cyber attacks is also expected.
Organizations involved are active in the healthcare, water supply and primary and secondary education sectors. “This year we plan to provide services to up to 100 entities,” CISA concluded.
The project also includes organizing roundtable discussions and information sessions with critical infrastructure companies in each region and across all sectors. The goal is to understand the needs and challenges of each individual company and identify gaps in existing capabilities. “The insights gained through these discussions and as a result of the Protective DNS pilot will support our efforts to better serve our nation’s critical infrastructure organizations,” the organization concluded.
Through The record