CISA, FBI, and DHS Releases Cybersecurity Blueprint for Civil Society


The recent release of security guidance underscores a broader initiative aimed at empowering high-risk communities to tackle cyber threats effectively.

In collaboration with DHS, FBI, and international cybersecurity entities, CISA has unveiled a comprehensive guide titled “Mitigating Cyber Threats with Limited Resources: Guidance for Civil Society.” This guide is specifically designed to bolster cybersecurity for civil society organizations, particularly those facing heightened risks from state-sponsored cyber threats.

Jen Easterly, Director of CISA, emphasized the importance of this cybersecurity plan for civil society organizations, noting the threat posed by actors seeking to undermine democratic and humanitarian values.

The guide provides practical steps to enhance digital defenses for nonprofits, advocacy groups, academic institutions, journalists, and other high-risk groups. It addresses proactive measures such as regular software updates, multi-factor authentication, and incident response planning, tailored to the unique challenges faced by civil society entities.

International collaboration, evidenced by partnerships with entities from Canada, Estonia, Japan, and the United Kingdom, further strengthens the effectiveness of these initiatives. This collaboration aims to provide valuable insights into the tactics employed by state-sponsored actors, enabling organizations to make informed decisions regarding cybersecurity investments and resource allocation.

John Scott-Railton, senior researcher at CitizenLab, highlighted the historical lack of prioritization in addressing cyber threats to civil societies. He welcomed the joint initiative led by CISA and the UK, emphasizing the need for collective action to address global cyber threats.

Government agencies like the FBI aim to equip civil society organizations with the capacity to defend against cyber intrusions. International partners, such as Japan’s National Center of Incident Readiness and Strategy for Cybersecurity and Estonia’s State Information Authority, underscore the importance of collective action in addressing global cyber threats.

In addition to the guidance document, a range of resources and tools are available to assist high-risk communities in enhancing their cyber defenses. These include customized risk assessment tools, helplines for digital emergencies, and free or discounted cybersecurity services tailored to the needs of civil society organizations.

By leveraging these resources and fostering international cooperation, civil society can better defend against cyber threats and continue their vital work in promoting democracy, human rights, and social justice. Through collective efforts and ongoing collaboration, the global community can build a more resilient and secure cyber environment for all.