Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) Reporting Requirements; Extension of Comment Period

The Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), as amended, requires the Cybersecurity and Infrastructure Security Agency (CISA) to promulgate regulations implementing the statute’s covered cyber incident and ransom payment reporting requirements for covered entities. CISA seeks comment on the proposed rule to implement CIRCIA’s requirements and on several practical and policy…

Read More

New Security Planning Workbook

The Cybersecurity and Infrastructure Security Agency (CISA) is pleased to announce the release of a new resource titled, Security Planning Workbook, which can assist critical infrastructure owners and operators with developing a foundational security plan. This workbook is designed to be flexible and scalable to suit the needs of most facilities. It is intended for…

Read More

Coast Guard Cyber Update

Welcome to April! The sight of robust commerce is a delight to me as the weather warms up. Tows are moving up and down the river beautifully. Your facilities are vital to this commerce, and I applaud you all on working so hard to keep our rivers active and safe. I wish I could tell you…

Read More

Cyber Training Bulletin  –  January and February

CSD Cyber Defense Education and Training (CDET) Offerings Highlights: What You Want to Know A new category has been added to FedVTE under the Cybersecurity Courses called Non-Technical Cybersecurity. Some new courses that fall into this category include Cloud Monitoring, Critical Infrastructure Protection, and Cybersecurity Investigations. To see the full list of available courses in…

Read More

Introduction to Bomb Threat Management Virtual Training

In 2022, public safety officials, security professionals, and facility owners and operators experienced an unprecedented number of bomb threats and responded to hundreds of threats that disrupted daily lives and operations.  As an example, in the months of January and February Historically Black Colleges and Universities received over 65 bomb threats; in the months of…

Read More

CISA Releases Insights on Global Positioning System Interference

The Cybersecurity and Infrastructure Security Agency (CISA) released a new Insights titled CISA Insights: Global Positioning System (GPS) Interference, which provides a summary of a January 2022 GPS interference event, recommended actions GPS users should take now to make their system resilient and avoid degradation of services, as well as guidance on how and when…

Read More

CISA, NSA and ODNI Publish Assessment on Potential Threats to 5G Network Slicing

Enduring Security Framework (ESF) partners at the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Office of the Director of National Intelligence (ODNI) published an assessment of 5G network slicing. The paper, “Potential Threats to 5G Network Slicing,” is developed by industry and government experts of a working panel under…

Read More

CISA Publishes Update to the Infrastructure Resilience Planning Framework

The Cybersecurity and Infrastructure Security Agency (CISA) released an updated Infrastructure Resilience Planning Framework (IRPF) today to better help state, local, tribal, and territorial (SLTT) planners manage risk to critical infrastructure systems and enhance their resilience. First released in 2021, today’s update to the IRPF adds important new resources and tools to better support partners…

Read More

CISA, NSA, ODNI Announce New ESF Guidance for Software Customers  

The Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Office of the Director of National Intelligence (ODNI) partnered with industry and government experts under the Enduring Security Framework (ESF) to release “Securing the Software Supply Chain Recommended Practices Guide for Customers” and an accompanying fact sheet. In an effort to…

Read More

CISA, FBI and HHS Cyber Advisory – #StopRansomware: Hive Ransomware

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of the Health and Human Services (HHS) released a joint Cybersecurity Advisory (CSA) with technical details associated with Hive ransomware variants identified through FBI investigations as recently as November 2022. From June 2021 through at least November 2022, threat…

Read More