The HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

CISA Publishes List of Free Cybersecurity Tools to Advance Security Capabilities

Posted By on Feb 23, 2022

Expanding security capabilities is possible with a tight budget by using free cybersecurity tools and services. Many tools and services have been developed by government agencies, the cybersecurity community, and the public and private sectors that can be used to improve defenses against damaging cyberattacks, detect potential intrusions rapidly, and help organizations respond to and remediate security breaches.

Finding appropriate free cybersecurity tools and services can be a time-consuming process. To help critical infrastructure organizations reduce cybersecurity risk, the DHS’ Cybersecurity and Infrastructure Security Agency (CISA) has compiled a list of services provided by CISA and other government agencies, open source tools, and tools and services developed and maintained by the cybersecurity community that can be adopted to improve protection, detection, response and the remediation of cyber threats.

The list of free cybersecurity tools and services is divided into four categories, based on the four goals detailed in previously published guidance: CISA Insights: Implement Cybersecurity Measures Now to Protect Against Critical Threats.

  1. Reducing the likelihood of a damaging cyber incident;
  2. Detecting malicious activity quickly;
  3. Responding effectively to confirmed incidents; and
  4. Maximizing resilience.

All of the tools and services added to the list were assessed by CISA using neutral principles and criteria; however, CISA does not attest to the suitability of any product or service, nor the effectiveness of any solution for any particular use case. While some commercial products and services have been included in the list, CISA does not endorse or provide any recommendations for using those products and services. The list will be periodically updated by CISA to include new products and services and CISA welcomes any suggestions of additional products and services for future inclusion in the list.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

While all included tools and services could be of benefit for improving or adding new security capabilities, they are no substitute for developing and implementing a strong cybersecurity program. It is vital to develop such a program and ensure certain foundational cybersecurity measures are implemented, including addressing known flaws in software and operating systems, setting strong passwords, implementing multi-factor authentication, and putting an end to bad cybersecurity practices such as the continued use of legacy solutions that have reached end-of-life and are no longer supported. CISA recommends signing up for its Cyber Hygiene Vulnerability Scanning service and taking steps to get sensitive Stuff of Search (S.O.S) to reduce Internet attack surfaces that are visible to anyone using a web-based platform.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist