I am honored to serve as the director of
@CISAgov
and I’m grateful that
@POTUS
and
@SecMayorkas
have put their faith in me to lead the agency that works tirelessly to defend today and secure tomorrow.
Happy Birthday to Amazing Grace Hopper, a pioneer in computer science, role model, & all around a$$-kicking leader. Fave quotes: 1. “The most dangerous phrase in the language: ‘We’ve always done it this way.’” 2. “You manage things; you lead people.” (Oh, and…Beat Navy!)
We at
@CISAgov
greatly value the partnerships and efforts of researchers, hackers, academics, and any others working to find and responsibly disclose vulnerabilities, which makes us all more safe & more secure. (1/2)
🚨Foreign actors may intensify efforts to spread disinformation surrounding the midterms to promote distrust in US democratic processes. Review this PSA & take steps to stay vigilant against malicious foreign influence campaigns:
🛡As a combat veteran, I’m in total awe of the courage of the 🇺🇦 people. While there are no specific threats to 🇺🇸, we must be prepared for spillover effects of 🇷🇺 cyber ops or an uptick in ransomware. We’re continuing to update w/info to reduce your risk.
I’ve said it before, and I’ll say it again: Enabling multi-factor authentication makes you 99% less likely to get hacked.
Enable MFA! Here’s more info:
Saw
#First7Jobs
trending. Here's mine:
1. Don't
2. Share
3. Your
4. Personal
5. Info
6. With
7. Strangers
"What was your first job" is often a security question - hackers can use this info to break into your accounts. Follow the Cyber Essentials:
20 years ago, I lost my little brother Elias to suicide. Funny, smart, and kind, Eli was a gentle soul whose absence from the world makes it a little less bright.
💯agree with this & something we're working on aggressively
@CISAgov
as we grow our team. At the entry level, it shouldn't be about experience (or even necessarily whether you have a college degree); for me, it's all about APTITUDE & ATTITUDE.
🛡As
@POTUS
notes, 🇷🇺 is exploring options for cyberattacks in the US, highlighting the evolution of a credible cyber threat to the Homeland. ALL orgs must act NOW to ensure preparedness. Go to for steps you can take to reduce risk.
Today is
#HolocaustRemembranceDay
. This is me in Israel with my Aunt Rena, a Holocaust survivor whose entire family was murdered. Liberated from Bergen-Belsen at age 9, she was eventually adopted by a family in NYC.
#WeRemember
“We must always take sides” -Eli Wiesel
Was honored to receive my Commission as a 2LT in the
#Army
on a beautiful, hot day at
#USMA
from then CJCS Colin Powell, a personal hero of mine. RIP, General. “Old Soldiers Never Die…”
Big day for cybersecurity! The new
@POTUS
National Security Memorandum takes important steps to significantly strengthen the security of critical infrastructure, including setting performance goals from
@CISAgov
&
@NISTcyber
:
Thrilled to see that the cyber incident reporting legislation has passed! This bill is a game-changer & a critical step forward for our Nation's cybersecurity. As the nation's cyber defense agency, it will help
@CISAgov
better protect our networks & critical infrastructure.
🛡️ Russian retaliation against critical infrastructure could include
#ransomware
attacks. Organizations of all sizes must take measures now to protect themselves.
#ShieldsUp
:
So, I’m sick today (which is terribly inconvenient & generally a total drag), and my husband went out to get me medicine and also brought back this unicorn. And I’m feeling a bit better already.🦄❤️💙💚💛
#BestHubbyEver
👉Happy Ada Lovelace Day! A.K.A. “Enchantress of Numbers,” Ada is often considered the first computer programmer. I aspire to be an enchantress at something, or at least look as fashionable while doing higher math. In Ada’s spirit, let’s get to 50% women in cybersecurity by 2030!
Exciting news!
@CISAgov
&
@GirlsWhoCode
announced a new partnership that will give women & girls new opportunities to pursue cybersecurity & technology careers.
I look forward to working w/
@DrTarikaBarrett
to close the gender gap in cybersecurity & tech:
💔💔💔Thinking of my wonderful little brother, Eli, who we tragically lost to suicide 22 years ago today. Let’s take care of each other—we’re all fighting battles no one knows about.
#YouAreNotAlone
@988Lifeline
…
I showed
@nancycordes
how easy it is to turn on multi-factor authentication. Took us 15 seconds and makes you 99% less likely to get hacked. Here are 4 easy things you can do to keep yourself cyber safe:
#BeCyberSmart
#CyberMonth
In an exclusive interview,
@nancycordes
introduces the woman in charge of the country’s cybersecurity,
@CISAJen
.
She says there’s a cyber-attack every 40 seconds somewhere in the world — and one of the biggest threats is ransomware.
New -
@POTUS
designated
@DHSgov
to lead domestic preparedness & response to the Russia-Ukraine crisis. As part of the Unified Coordination Group,
@CISAgov
will do everything in our power to help our Nation prepare for & respond to threats: 🛡️
#ShieldsUp
🛡️ Russian state-sponsored malicious cyber activity is a continuing threat to our critical infrastructure—why we’re working closely w/public & private sector partners to reinforce the importance of vigilance against these threats; read our latest advisory:
⁉️For those curious about why I decided to make the call public:
1. After 3 hours answering 60+ questions, I felt it was important to ensure the info was widely available
2. I believe we need to be as transparent as possible & am committed to leaning into that as an Agency
Today
@CISAgov
held a 3-hour call with 13,000+ industry "stakeholders" to provide an update on the potential for Russian cyberattacks against the U.S. and answer questions. Here's a recording of the call:
We strongly encourage all organizations to implement an effective vulnerability disclosure policy (VDP).
Learn more about VDP --> Last week
@beauwoods
,
@InsiderPhD
, &
@spacerog
gave us the hacker perspective on vulnerabilities & disclosures: (2/2)
🛡While there are no specific or credible threats to the US at this time, Russia may consider taking retaliatory action in response to sanctions that may impact our critical infrastructure. We urge ALL orgs to visit for steps to reduce cybersecurity risk.
The U.S. is imposing immediate economic costs in response to actions in the Donetsk and Luhansk Regions, including sanctioning major Russian state-owned financial institutions, Kremlin-connected elites, & additional restrictions on Russian sovereign debt.
🛡Every organization in the US is at risk from cyber threats that can disrupt essential services. As we know, the Russians have used cyber as a key component of their force projection, to include disabling or destroying critical infrastructure. More @ 1/4
.
@thedarktangent
: “So, why are you here?” Me: Cuz
@CISAgov
’s success as America’s cyber defense agency is only possible if we can build TRUST w/all partners; & people don’t trust institutions—they trust people. Trust is built w/humility, vulnerability, transparency, & gratitude.
🙏Thanks to
@CISAgov
’s Founder,
@C_C_Krebs
, for stopping by our booth. Super grateful to Chris for his leadership, friendship & continued support. (The hair is pretty impressive as well—glad I had my cap!)
Wonderful treat to spend the afternoon
@HooverInst
talking cybersecurity & geopolitics with my former Boss (and personal hero!)
@CondoleezzaRice
🇺🇸Proud to be a Veteran!🇺🇸
From West Point to the Balkans to Iraq to Afghanistan to
@CISAgov
, there is no greater honor than serving the American people, sworn to protect & defend our Constitution. I’m grateful to all our Veterans for their service & sacrifice.
#VeteransDay
❤️As
#SuicidePrevention
Month begins, wanted to reshare this video about my little brother, Eli, who we tragically lost to suicide at age 25. Let’s take care of each other—we’re all fighting battles no one knows about.
#KindnessMatters
#YouAreNotAlone
🛡We know that part of the Russian playbook is to use mis-, dis-, & malinformation (MDM) to manipulate & influence public opinion. Check out this
@CISAgov
Insight on how to identify & mitigate risk associated with influence operations:
🇺🇸🇯🇵Great visit earlier this week with Taro Kono, Japan’s Minister for Digital Transformation. We affirmed our strong partnership and discussed key initiatives around cybersecurity collaboration.
My brother Eli would have been 46 today; resharing this video in his memory. No one should suffer in silence; reach out if you need help & lend a hand if you sense someone is in need. Remember we never really know what’s going on in people’s lives.
#BeKind
#MentalHealthISHealth
Some news: I'll have to find my fanciest black hat!
I'll be keynoting the
@BlackHatEvents
conference in a couple of weeks. Hope to see you there!
#BHUSA
#BlackHat
UPDATE: Jen Easterly (
@CISAJen
), the new Director for the Cybersecurity and Infrastructure Security Agency (
@CISAgov
) will present the Day 2 Keynote in person at
#BlackHat
USA in Las Vegas, Thursday, August 5. Session will also be live streamed.
“Being a CISO right now is like standing on lava islands while juggling radioactive lightsabers.” Worthwhile read from Daniel Meissler on the potential rise of the Cyber-CFO and a necessary evolution to “less magic & more accounting.”
🛡️A cyber🧵While there are currently no specific or credible cyber threats to the US homeland as a result of the unprovoked Russian invasion of Ukraine,
@CISAgov
strongly urges continued vigilance by all orgs – large & small. See for info & updates 1/
Ransomware is wreaking havoc on businesses across America.
@CISAgov
and our partners launched a new one-stop location with tools and resources for organizations of all sizes today.
Visit and take steps to avoid becoming the next victim.
#StopRansomware
Just one word: CULTURE!
#Cybersecurity
is ultimately not about tech or process or policy, but about PEOPLE, & it’s the responsibility of leaders to co-create cultures that both inspire our people & make it easier for everyone to protect themselves online:
🚨All orgs should upgrade to log4j version 2.15.0 or apply appropriate vendor recommended mitigations ASAP!
Read my full statement on this vulnerability:
We urge all organizations to review the latest current activity alert and upgrade to Log4j version 2.15.0, or apply the appropriate vendor recommended mitigations immediately:
On this
#TransDayOfVisibility
wanted to lend my voice in unwavering support of the transgender community, across the nation & the world.
I SEE YOU & YOU ARE BEAUTIFUL 🌈
On a mission to inspire our future leaders to live fearlessly. On International Day of Women & Girls in Science, I'm super proud of our partnerships w/
@GirlsWhoCode
&
@GirlScouts
that help give girls new
#STEM
opportunities.
🎂🥳🎉Happy 4th Birthday to
@CISAgov
! I couldn’t be more proud to be part of such an amazing team of dedicated professionals working with equally amazing partners across our nation to protect the infrastructure Americans rely on every day.
#BestJobEver
#AmericasCyberDefenseAgency
🛡️Given the continuing & unpredictable conflict in 🇺🇦Ukraine, a reminder to all our critical infrastructure partners to keep your SHIELDS UP. As the risk environment evolves,
@CISAgov
will continue to share timely, actionable guidance at .
🚪Knock, knock! Who’s there? Jen. Jen who? Jen-erate strong passwords using a password manager!
Saw that it was national tell a joke day, and I just had to 🤣
🚨Cyber actors w/Iran’s IRGC are actively exploiting US Water facilities. Read this advisory () for immediate steps to take to reduce risk: Implement MFA; Use strong, unique passwords; Check PLC’s for default passwords.
APT40 & Chinese state-sponsored actors are targeting various sectors of our critical infrastructure. With our partners
@NSACyber
&
@FBI
,
@CISAgov
published two advisories & CISA Insights w/recommended actions to identify & reduce the risk from this threat:
🛡.
@CISAgov
advises organizations of all sizes to take immediate steps now to protect themselves against potential cyber threats. Check out our latest Insights for details:
🧵On the demise of public-private partnership & the rise of operational collaboration: In Dec 20, a significant cyber-espionage campaign was discovered by
@FireEye
, illuminating the reality that in our highly-digitized world, tech companies are often first to see an attack.1/
CYBER DEFENDERS: Super exiting news today! We just launched the Cybersecurity Talent Management System (CTMS), an innovative new hiring system to more effectively recruit, compensate, and retain our nation’s cybersecurity professionals. (1/3)
Today, DHS is launching the Cybersecurity Talent Management System (CTMS): a new personnel system that will recruit, develop, and retain our Nation’s top
#cyber
professionals.
Learn more about how to apply ⬇️
We’re thrilled to announce the launch of our new program
#SecureOurWorld
Staying safe online is bigger than just you or me. It takes all of us working together.
Learn more 👉
Here’s a question I receive often: “What can I do today to help protect my organization?”
1.Turn on multi-factor authentication
2.Update your software
3.Think before you click
4.Use strong passwords (and ideally a password manager!)
#BeCyberSmart
🌟Super cool story alert! A few weeks ago we received “A Kid’s Guide to Staying Safe Online," created by 13 year-old Julie Seth. I was thrilled to host Julie & her mom Dr. Priya Seth this week
@CISAgov
to chat about Julie’s excellent initiative & her passion for cybersecurity!
I'm thrilled to announce the initial members of
@CISAgov
's new Cybersecurity Advisory Committee. Couldn’t be more excited to tap into their unique expertise to continue to transform CISA into the premier cyber defense agency our nation needs and deserves.
Hi! Really appreciate Jen letting me share my story of how I broke into cybersecurity and how, ultimately, mom knows best. I’m a Somali native, who grew up in Kuwait & believed in the American Dream. I came to the U.S. to become a lawyer, but the universe had different plans. -A
FREE STUFF!
@CISAgov
put together a list of FREE cybersecurity tools & services for network defenders. This is just version 1.0--much more to come:
H/T to our
#JCDC
Alliance partners and the open-source community.
Sharing my leadership philosophy as we transform
@CISAgov
to be the nation’s premiere cyber and infrastructure defense agency. We’re focused on co-creating a culture of excellence, empowering our teammates, and building trust with our partners. Join us!
I’ve said it to my
@CISAgov
team and now under oath: I have the best job in government:
Help us
#DefendTodaySecureTomorrow
. We’re hiring infosec pros at all levels:
My statement on today’s advisory on vulnerabilities affecting certain versions of Dominion Voting Systems’ software. While these risks should be mitigated as soon as possible, we have no evidence they have been exploited in any elections.
Full report: