CISA Shields Up

March 31, 2022

Takeaway: CISA’s Shields Up Guidance Emphasizes Incident Response Planning

With the specter of an expanding war in Europe, the threat of cyber retaliation by Russia, or Russian-sponsored actors, has increased. In response, the Cybersecurity and Infrastructure Security Agency (“CISA”) released its Shields Up Guidance to help organizations and supply chains prepare for and withstand a malicious Russian cyber-attack. The guidance is aligned with previous recommendations from CISA and the National Institute of Standards and Technology (“NIST”).

A central theme of the Shields Up Guidance is incident response: having a proper plan in place in the event of a cybersecurity incident. Indeed, a strong incident response plan (“IRP”) is a pillar of a viable cybersecurity program, as it encourages accountability and helps promote a culture of security.

To get started, it’s important to identify an organization’s most critical data and infrastructure. Once critical data and infrastructure are identified, the organization can assign roles to the people who form the Incident Response Team (“IRT”). The IRT is the standard-bearer for how the organization will defend its critical data assets. The IRT meets regularly to augment and execute the IRP. The IRT also assumes responsibility for triaging and responding to an active incident. It is important to define all roles with specificity and to engage in training exercises to ensure that all people understand their responsibilities.

A critical responsibility of the IRT is escalating incidents to senior management and the proper external authorities. Under its Shields Up Guidance, CISA makes it clear that organizations should lower the threshold for reporting cyber incidents. That is, even minor incidents that are blocked by security controls should be reported to CISA.

In addition to the internal IRT, organizations will want to identify critical third-party experts to help execute the IRP. The IRT will coordinate with technical experts and legal counsel to ensure that the breach is reported to the proper authorities, the threat is contained and eradicated, and the organization is ready to safely resume operations.

CISA’s Shields Up Guidance provides more information about how to pursue and implement an IRP at
