Light Dark
September 30, 2024 By Sue Poremba 2 min read
News

Information sharing just got more efficient. In August, the Cybersecurity and Infrastructure Security Agency (CISA) launched the CISA Services Portal.

“The new CISA Services Portal improves the reporting process and offers more features for our voluntary reporters. We ask organizations reporting an incident to provide information
on the impacted entity, contact information, description of the incident, technical indications and steps taken,” a CISA spokesperson said in an email statement.

“Reported incidents enable CISA and our partners to help victims mitigate the effects, limit the ability of malicious actors to use the same techniques to execute multiple intrusions and better understand the scale of adversary campaigns. Information sharing not only helps the victim but other potential victims as well,” the spokesperson added.

How the portal works

CISA uses NIST Special Publication 800-61 Revision 2, Computer Security Incident Handling Guide, to provide guidance on how to define a cyber incident. These include:

•    Attempts to gain unauthorized access to a system or its data
•    Unwanted disruption or denial of service
•    Abuse or misuse of a system or data in violation of policy

The portal covers more than just cyber incidents. Users can also report malware, software vulnerabilities, threat indicators and government website vulnerabilities. One exception to what can be reported from the CISA Services Portal: Users reporting a cyberattack on the critical infrastructure are instructed to follow a different submission link per CIRCIA requirements.

When you click on the link to report an incident, it will walk you through the process, from identification of the organization to detailed incident description to the technical aspects associated with the incident.

What makes this portal different

There are a lot of different breach reporting portals and websites out there, so what makes CISA’s different? First, it is completely voluntary and open to all entities across the country to use, but it is also a stand-alone government portal. It does not replace any reporting processes required by federal, state, local and/or industry regulations. An organization required to report a breach to the FTC or FCC, for example, will still have to follow those procedures.

Reporting can be done on behalf of an organization or by an individual user. Users can set up an account and use the portal to chat with CISA about their cybersecurity questions and concerns. Reports filed can be saved, updated and shared.

What truly makes CISA’s portal unique is the agency’s ability to assist in an organization’s incident response and recovery efforts. This is especially vital for small and medium-sized businesses that may not have the resources to mitigate an incident efficiently.

Again, even though reporting to CISA is not mandatory, the agency encourages all organizations and entities to voluntarily report cyber incidents or anomalous activity. CISA does ask anyone reporting an incident to have as much information as possible about the breach and mitigation efforts. The agency has produced a guide to help victims prepare to make their reports.

“Any organization experiencing a cyberattack or incident should report it – for its own benefit and to help the broader community. CISA and our government partners have unique resources and tools to aid with response and recovery, but we can’t help if we don’t know about an incident,” said CISA Executive Assistant Director for Cybersecurity Jeff Greene in a formal statement covering the portal’s announcement.

 |  |  |  | 
Sue Poremba

More from News
January 13, 2025

Insights from CISA’s red team findings and the evolution of EDR

3 min read - A recent CISA red team assessment of a United States critical infrastructure organization revealed systemic vulnerabilities in modern cybersecurity. Among the most pressing issues was a heavy reliance on endpoint detection and response (EDR) solutions, paired with a lack of network-level protections. These findings underscore a familiar challenge: Why do organizations place so much trust in EDR alone, and what must change to address its shortcomings? EDR’s double-edged sword A cornerstone of cyber resilience strategy, EDR solutions are prized for…

December 30, 2024

DHS: Guidance for AI in critical infrastructure

4 min read - At the end of 2024, we've reached a moment in artificial intelligence (AI) development where government involvement can help shape the trajectory of this extremely pervasive technology. In the most recent example, the Department of Homeland Security (DHS) has released what it calls a "first-of-its-kind" framework designed to ensure the safe and secure deployment of AI across critical infrastructure sectors. The framework could be the catalyst for what could become a comprehensive set of regulatory measures, as it brings into…

December 26, 2024

Apple Intelligence raises stakes in privacy and security

3 min read - Apple’s latest innovation, Apple Intelligence, is redefining what’s possible in consumer technology. Integrated into iOS 18.1, iPadOS 18.1 and macOS Sequoia 15.1, this milestone puts advanced artificial intelligence (AI) tools directly in the hands of millions. Beyond being a breakthrough for personal convenience, it represents an enormous economic opportunity. But the bold step into accessible AI comes with critical questions about security, privacy and the risks of real-time decision-making in users’ most private digital spaces. AI in every pocket Having…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2025 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature