Capacity Enhancement Guide for Federal Agencies: Counter Phishing Recommendations

Many agencies have built robust counter-phishing programs, but there remains a wide disparity in scale, capability, and implementation. In response, CISA is recommending technical capabilities to enhance agencies' counter-phishing defenses. These capabilities stem from operational insights from CISA's counter-phishing programs and interagency best practices, and they fall into four categories: 1) Secure Email Gateway Capabilities, 2) Outbound Web-browsing Protections, 3) Harden User Endpoints, and 4) Endpoint Protections.

The capabilities, which are primarily technical and preventive in nature, are not meant to replace or lessen the importance of user training and awareness. With proper implementation, these capabilities can significantly decrease the number of malicious phishing emails reaching