What/Who is Cisa?

On November 16, 2018, President Trump signed into law the Cybersecurity and Infrastructure Security Agency Act of 2018, which elevated the mission of the former NPPD within the Department of Homeland Security (DHS), establishing the Cybersecurity and Infrastructure Security Agency (CISA).  CISA is a successor agency to NPPD and assists both other government agencies and private sector organizations in addressing infrastructure and cybersecurity issues.

IRPT works closely with CISA to inform the inland river industry of available training courses offered by CISA, current potential threats to infrastructure and/or cyber that could adversely impact industry, and free services CISA provides that are available to industry.

CISA subcomponents include the:

 

Regional/District Contacts:

OBP Virtual Instructor-Led Training (VILT) Awareness Courses – July Schedule Open for Registration

By Crystal Hutchinson | June 22, 2021

The Office for Bombing Prevention (OBP) Virtual Instructor-Led Training (VILT) July Course Schedule has been published.  If you feel that your state would benefit from this type of awareness training, please feel free to distribute.     The Cybersecurity and Infrastructure Security Agency (CISA), Office for Bombing Prevention (OBP) and the Center for Domestic Preparedness have…

Read More

CISA: Rising Ransomware Threat to Operational Technology Assets – Fact Sheet

By Crystal Hutchinson | June 9, 2021

Critical Infrastructure Partners,   With every headline in the news, we are reminded about the increasing threat, both in number and size, that ransomware incidents have on critical infrastructure in the United States and across the globe. The President has made strengthening our nation’s resilience from cyberattacks – against both the private and public sectors…

Read More

CISA: Critical VMware vulnerability, patch immediately if found

By Crystal Hutchinson | June 8, 2021

Critical Infrastructure Colleagues and Partners,   CISA is aware of the likelihood that cyber threat actors are attempting to exploit CVE-2021-21985, a remote code execution vulnerability in VMware vCenter Server and VMware Cloud Foundation.  This vulnerability was discussed on the May 27 CISA weekly SOC call.   Although patches were made available on May 25,…

Read More

CISA: Information and Communication Technology Supply Chain – Lessons Learned During the COVID-19 Pandemic

By Crystal Hutchinson | June 4, 2021

  Critical Infrastructure Colleagues and Partners,   The impacts of the COVID-19 pandemic on the information and communications technology (ICT) sector’s supply chains are still unfolding. To understand how companies in this space have been impacted, and to identify lessons learned about supply chain vulnerabilities and the potential ways to address them going forward, the…

Read More

CISA: White House Memo to Corporate Executives and Business Leaders

By Crystal Hutchinson | June 4, 2021

Partners,   Please see the attached memo from Anne Neuberger, Deputy Assistant to the President and Deputy National Security Advisor for Cyber and Emerging Technology, titled “What We Urge You To Do To Protect Against The Threat of Ransomware.”   Attached, you will also find the following: CISA Ransomware Guide “What We Urge You To…

Read More

CISA: Active Shooter Webinar

By Crystal Hutchinson | May 25, 2021

About this event: Thursday, July 15, 2021 10:00 AM CDT Given today’s ever-changing threat environment, preparing for and training employees to cope with active threats and workplace violence should be a key piece of an organization’s emergency action plan. Discuss the elements of active shooter incident response planning with guidance from expert instructors. Describe common…

Read More

CDET- Instructor-Led Cyber Trainings through June 30, 2021

By Crystal Hutchinson | May 17, 2021

  Incident Response Training: Identify, Mitigate, Recover (IMR) series: To support the capacity of our nation’s cyber enterprise to “Defend Today, Secure Tomorrow” CISA has developed no-cost cybersecurity incident response training for government employees and contractors across Federal, State, Local, Tribal, and Territorial government, and is open to educational and critical infrastructure partners. IMR 000 –…

Read More

Be sure to check out CISA’s YouTube channel

By Crystal Hutchinson | May 17, 2021

CISA has a YouTube channel with numerous informative videos addressing cyber and physical preparedness efforts. Visit CISA’s YouTube channel here. CISA works with businesses, communities, and government at every level to help make the nation’s critical infrastructure more resilient to cyber and physical threats. Everyone has a role securing the Nation’s critical infrastructure. Critical infrastructure…

Read More

Update-05 Colonial Pipeline Ransomware Incident

By Crystal Hutchinson | May 17, 2021

  Critical Infrastructure Involved: Cyber, Energy (Oil), Transportation Systems (Pipelines) Summary: Colonial Pipeline initiated the restart of pipeline operations on May 12, at approximately 1700 ET.  Following this restart, it will take several days for the product delivery supply chain to return to normal. Some markets served by Colonial Pipeline may experience, or continue to experience, intermittent…

Read More

CISA’s ICT Supply Chain Risk Management (SCRM) Task Force is pleased to share two new resources

By Crystal Hutchinson | May 13, 2021

CISA’s ICT Supply Chain Risk Management (SCRM) Task Force is pleased to share two new resources that can assist organizations and businesses assess the trustworthiness of their vendors and suppliers: Mitigating ICT Supply Chain Risks with Qualified Bidder and Manufacturer Lists: In a digitally-connected world, protecting your organization’s information requires understanding not only your immediate…

Read More