VOOZH about

URL: https://www.cisa.gov/audiences/industry

⇱ Industry | Cybersecurity and Infrastructure Security Agency CISA

Skip to main content
👁 Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

👁 HTTPS

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Industry

CISA partners with the public and private sector to better understand and manage risk.
Report a Cyber Issue
Organizations should report anomalous cyber activity and/or cyber incidents 24/7 to CISA.

CISA works with partners to defend against today’s threats and collaborate to build more secure and resilient infrastructure for the future. The threats we face—digital and physical, man-made, technological, and natural—have become more complex, and the threat actors more diverse. As we lead the nation’s efforts to understand and manage risk to our critical infrastructure, partnerships that span the public and private sectors are crucial to our success.  

The programs and services we provide are driven by our comprehensive understanding of the risk environment and the corresponding needs identified by our stakeholders. We help organizations manage risk and increase resilience using all available resources, including those provided by the federal government and commercial vendors.  

Featured Content

PUBLICATION

The KEV Catalog

A list of Known Exploited Vulnerabilities.

Cybersecurity Performance Goals 2.0 (CPG 2.0)

Cybersecurity Performance Goals 2.0 are an updated, common set of protections that all critical infrastructure entities - from large to small - should implement to meaningfully reduce the likelihood and impact of known risks and adversary techniques.

Information Sharing: A Vital Resource

An overview of the Executive Order encouraging the development of ISAOs; CISA resources available to help these groups share information effectively.

Alerts & Directives

Alerts provide timely information about current security issues, vulnerabilities, and exploits.

Services

CISA has compiled a list of no-cost tools and services to help the private sector further advance their security capabilities. This living repository includes services provided by CISA, widely used open-source tools, and other no-cost tools and services offered by private and public sector organizations. 

View Services

ChemLock On-Site Assessments and Assistance

INCREASE YOUR RESILIENCE
Contact: ChemLock@cisa.dhs.gov
Under the ChemLock program, CISA can provide on-site assistance and assessments that help facilities with dangerous chemicals identify the specific risks for their facility and offer tailored suggestions for security measures that will enhance their security posture.
Foundational

Crossfeed

ASSESS YOUR RISK LEVEL
Contact: vulnerability@cisa.dhs.gov
Crossfeed enables organizations to make better-informed risk decisions, provides CISA with greater insight on vulnerabilities in public-facing assets supporting National Critical Functions, and enables CISA to better fulfill its existing vulnerability management requirements.

Malware Analysis

RESPOND TO AN INCIDENT
CISA's Malware Analysis service provides stakeholders a dynamic analysis of malicious code, including recommendations for malware removal and recovery activities.
Foundational, Intermediate, Advanced
View Services

Helpful Resources

Use CISA's resources to gain important best practices, knowledge, and skills related to Industry.

Secure by Design Alert: Eliminating Buffer Overflow Vulnerabilities

FEB 12, 2025 | FACT SHEET, PUBLICATION
This Secure by Design Alert is part of an ongoing series aimed at advancing industry-wide best practices to eliminate entire classes of vulnerabilities during the design and development phases of the product lifecycle.

Eviction Strategies Tool

JUL 30, 2025 | FACT SHEET
A Tool for Building Containment and Eviction Playbooks.

CISA Tabletop Exercise Packages

INCREASE YOUR RESILIENCE
Contact: cisa.exercises@cisa.dhs.gov
A comprehensive set of resources designed to assist stakeholders in conducting their own exercises and initiating discussions within their organizations about their ability to address a variety of threat scenarios.
Foundational

CyberSentry Program

A CISA-managed threat detection and monitoring capability, providing operational visibility into information technology and operational technology networks within participating critical infrastructure entities.

Doing Business with CISA

At CISA, strategic partnerships are essential to enhancing national security and resilience. We leverage insights from industry, government at all levels, non-profits, academia, and research communities to stay ahead of emerging capabilities and market trends.