The U.S. government is providing "cutting-edge cybersecurity shared services" to critical infrastructure organizations that need it most. In a letter on Friday, the Cybersecurity and Infrastructure Security Agency (CISA) announced a new voluntary pilot program focused on entities in the healthcare, water and K-12 education sectors – organizations that face a high number of cyberattacks and ransomware incidents every day.
"CISA has been a managed services provider to the federal civilian government for many years and has observed significant risk reductions and the benefits of cost savings and standardization," said Eric Goldstein, executive assistant director for cybersecurity at CISA. "With the new authority provided by Congress, we are eager to extend our support and enterprise cybersecurity expertise to non-federal government organizations in need of additional assistance to effectively address cybersecurity risks."
CISA plans to identify organizations interested in its services and "stress test" their delivery mechanisms to understand whether these organizations have the ability to "acquire, deploy and operate these cybersecurity services at scale."
The first phase of the cybersecurity shared services pilot program will focus on up to 100 entities, with subsequent expansion beyond these sectors. CISA plans to host roundtables and information sessions with organizations in each region to understand what entities in each industry need.
Goldstein cited ransomware attacks on Colonial Pipeline and nation-state operations by groups like Volt Typhoon as examples of threats facing critical infrastructure sectors.
"Providing CISA-managed cybersecurity services to those segments of our critical infrastructure community that need them most is a cost-effective way to gain deeper understanding of the evolving threat environment, establish a common baseline for cyber protection, and most importantly, reduce the frequency and impact of damaging cyber incidents," he said. "As the nation's cyber defense agency, we believe the ability to provide innovative, cost-effective, highly scalable solutions to critical infrastructure entities in need of assistance is critical to our national cyber mission."
As an example of CISA's free services to organizations outside the federal government, Goldstein added that last month the agency launched the Protective Domain Name System (DNS) Resolver program, which uses U.S. government and commercial threat intelligence to prevent systems from connecting to known or suspected malicious domains. Since 2022, the service has helped federal agencies block nearly 700 million connection attempts to malicious domains around the world.
He urged key organizations interested in the program to contact regional CISA offices to learn more.
The announcement comes the same day CISA released new mitigation guidance designed to help protect healthcare organizations from cyberattacks. The agency also released guidance for K-12 schools on Friday.