What/Who is Cisa?

On November 16, 2018, President Trump signed into law the Cybersecurity and Infrastructure Security Agency Act of 2018, which elevated the mission of the former NPPD within the Department of Homeland Security (DHS), establishing the Cybersecurity and Infrastructure Security Agency (CISA).  CISA is a successor agency to NPPD and assists both other government agencies and private sector organizations in addressing infrastructure and cybersecurity issues.

IRPT works closely with CISA to inform the inland river industry of available training courses offered by CISA, current potential threats to infrastructure and/or cyber that could adversely impact industry, and free services CISA provides that are available to industry.

CISA subcomponents include the:

 

Regional/District Contacts:

CISA- Fire As A Weapon Action Guide

By Crystal Hutchinson | April 13, 2021

The Cybersecurity and Infrastructure Security Agency (CISA) is pleased to announce the updated Fire as a Weapon Action Guide to better understand the threats of fire as a weapon and help mitigate future attacks. In this action guide, CISA compiled notable events within the past year to capture the increased incidents of arson and incendiary…

Read More

Industrial Control Systems (ICS) Training

By Crystal Hutchinson | April 5, 2021

CISA is offering free training geared toward Critical Infrastructure owners/operators designed to reduce cybersecurity risks to critical infrastructure and encourage cooperation between CISA and the private sector. These 10 day trainings run from 9:00am-6:00pm CST. For more information regarding these trainings, visit the following link:

Read More

CISA: CDET’s Cyber Training Bulletin

By Dede Smith | April 5, 2021

CISA has developed no-cost cybersecurity incident response training for government employees and contractors across Federal, State, Local, and is open to educational and critical infrastructure partners.  This can be supplemental to other training resources that are available. Incident Response Training: Identify, Mitigate, Recover (IMR) series: To support the capacity of our nation’s cyber enterprise to…

Read More

CISA Supply Chain Tools and Information

By Crystal Hutchinson | April 4, 2021

Partners, In recognition of National Supply Chain Integrity Month, the Cybersecurity and Infrastructure Security Agency (CISA) is partnering with the Office of the Director of National Intelligence (ODNI), the Department of Defense, and other government and industry partners to promote a call to action for a unified effort by organizations across the country to strengthen…

Read More

CISA Releases Supplemental Guidance on Emergency Directive for Microsoft Exchange Server Vulnerabilities (TLP:WHITE)

By Dede Smith | April 1, 2021

CISA Releases Supplemental Guidance on Emergency Directive for Microsoft Exchange Server Vulnerabilities (TLP:WHITE)   CISA has released (TLP:WHITE) Current Activity: CISA Releases Supplemental Guidance on Emergency Directive for Microsoft Exchange Server Vulnerabilities. CISA has issued supplemental direction to Emergency Directive (ED) 21-02: Mitigate Microsoft Exchange On-Premises Product Vulnerabilities providing additional forensic triage and server hardening…

Read More

DHS/CISA: Active Shooter Webinars and Grant information

By Dede Smith | March 30, 2021

  The TVTP Grant Program seeks to provide funding to applications that align with these objectives and that protect privacy, civil rights, and civil liberties. Applicants are required to conduct a rigorous needs assessment to outline what resources are already available in their area and what gaps need to be filled. All projects have required…

Read More

CISA Releases Another Edition of the National Emergency Communications Plan Spotlight Series

By Dede Smith | March 29, 2021

  The Cybersecurity and Infrastructure Security Agency (CISA) released its next National Emergency Communications Plan (NECP) Spotlight: Leveraging Mobile Applications to Bolster Emergency Alerts and Warnings cisa.gov/necp.   This is the fourth Spotlight in a series of articles designed to demonstrate how the NECP’s recommendations apply within real-world events. This Spotlight examines three different mobile…

Read More

CISA: MARs on Microsoft Exchange Vulnerabilities

By Dede Smith | March 25, 2021

  CISA has published two TLP:WHITE Malware Analysis Reports (MARs) associated with Alert AA21-062A: Mitigate Microsoft Exchange Server Vulnerabilities (TLP:WHITE); details are provided below.   MAR-10329496-1.v1: China Chopper Webshell https://us-cert.cisa.gov/ncas/analysis-reports/ar21-084a MAR-10329499-1.v1: China Chopper Webshell https://us-cert.cisa.gov/ncas/analysis-reports/ar21-084b   V/r,

Read More

CISA Hunt and Incident Response Program (CHIRP)

By Dede Smith | March 19, 2021

Critical Infrastructure Colleagues and Partners,   CISA has released the CISA Hunt and Incident Response Program (CHIRP) – a forensics collection capability – to assist network defenders with detecting activity related to the supply chain compromises affecting SolarWinds and Active Directory/Microsoft 365.   CHIRP is an open source project and is freely available to all…

Read More

CISA: Counter Unmanned Aircraft Systems (CUAS) Webinar

By Dede Smith | March 18, 2021

Due to the overwhelming response in the number of individuals that have registered for our April 20, 2021, New Mexico Tech Counter-UAS Training Course, we are now hosting a second training course on April 27 to allow maximum participation.  Registration for the April 27 course is below and attached. The Cybersecurity and Infrastructure Security Agency,…

Read More