Official Government Website

Resources for Cybersecurity Professionals

    • The Logic Behind Russian Military Cyber Operations  This Booz Allen Hamilton report address cyber threat intelligence analysis from the past 15 years of open source information looking at links between Russia’s military intelligence agency activities and the country’s stated military doctrine.
    • Cyber Discovery Virtual Cyber School in the form of games, this new resource teaches children to try over 200 cybersecurity challenges based around cracking codes, finding and fixing security flaws and dissecting digital trails left behind by criminals, all as part of a game, learning the concepts and ideas that real agents use when dealing with real cyberattacks.
    • Microsoft Office 365 Security Recommendations (AA20-120A) As organizations adapt or change their enterprise collaboration capabilities to meet “telework” requirements, many organizations are migrating to Microsoft Office 365 (O365) and other cloud collaboration services. Due to the speed of these deployments, organizations may not be fully considering the security configurations of these platforms. This Alert is an update to the Cybersecurity and Infrastructure Security Agency’s May 2019 Analysis Report, AR19-133A: Microsoft Office 365 Security Observations, and reiterates the recommendations related to O365 for organizations to review and ensure their newly adopted environment is configured to protect, detect, and respond against would be attackers of O365.  Mitigations include: enable multi-factor authentication for administrator accounts, assign administrator roles using Role-based Access Control (RBAC), enable unified audit log (UAL), enable multi-factor authentication for all users, disable legacy protocol authentication when appropriate, enable alerts for suspicious activity, incorporate Microsoft Secure Score, and integrate logs with your existing SIEM tool.
    • IC3 Releases Alert on Extortion Email Scams The Internet Crime Complaint Center (IC3) has released an alert warning of a recent increase in extortion email scams. Cyber criminals threaten to release sexually explicit photos or videos of victims unless they agree to send payment. CISA encourages everyone to review the IC3 Alert and the CISA Tip on Avoiding Social Engineering and Phishing Attacks. If you believe you are a victim of cybercrime, file a complaint with IC3 at
    • Electronic Security Industry Cross Sector Council (ESI-CSC) InfraGard National established cross sector facility security readiness grading criteria and reporting upstream data to appropriate federal sector information analysis channels. Initial ESI-CSC awareness efforts include the establishment of a steering committee comprised of current InfraGard members with sector specific subject matter expertise and electronic security industry experience as co-chairs in each sector.  
ver: 3.4.0 | last updated: