The Office for Bombing Prevention (OBP) Virtual Instructor-Led Training (VILT) July Course Schedule has been published.  If you feel that your state would benefit from this type of awareness training, please feel free to distribute.     The Cybersecurity and Infrastructure Security Agency (CISA), Office for Bombing Prevention (OBP) and the Center for Domestic Preparedness have…

Critical Infrastructure Partners,   With every headline in the news, we are reminded about the increasing threat, both in number and size, that ransomware incidents have on critical infrastructure in the United States and across the globe. The President has made strengthening our nation’s resilience from cyberattacks – against both the private and public sectors…

Critical Infrastructure Colleagues and Partners,   CISA is aware of the likelihood that cyber threat actors are attempting to exploit CVE-2021-21985, a remote code execution vulnerability in VMware vCenter Server and VMware Cloud Foundation.  This vulnerability was discussed on the May 27 CISA weekly SOC call.   Although patches were made available on May 25,…

  Critical Infrastructure Colleagues and Partners,   The impacts of the COVID-19 pandemic on the information and communications technology (ICT) sector’s supply chains are still unfolding. To understand how companies in this space have been impacted, and to identify lessons learned about supply chain vulnerabilities and the potential ways to address them going forward, the…

Partners,   Please see the attached memo from Anne Neuberger, Deputy Assistant to the President and Deputy National Security Advisor for Cyber and Emerging Technology, titled “What We Urge You To Do To Protect Against The Threat of Ransomware.”   Attached, you will also find the following: CISA Ransomware Guide “What We Urge You To…

About this event: Thursday, July 15, 2021 10:00 AM CDT Given today’s ever-changing threat environment, preparing for and training employees to cope with active threats and workplace violence should be a key piece of an organization’s emergency action plan. Discuss the elements of active shooter incident response planning with guidance from expert instructors. Describe common…

  Incident Response Training: Identify, Mitigate, Recover (IMR) series: To support the capacity of our nation’s cyber enterprise to “Defend Today, Secure Tomorrow” CISA has developed no-cost cybersecurity incident response training for government employees and contractors across Federal, State, Local, Tribal, and Territorial government, and is open to educational and critical infrastructure partners. IMR 000 –…

CISA has a YouTube channel with numerous informative videos addressing cyber and physical preparedness efforts. Visit CISA’s YouTube channel here. CISA works with businesses, communities, and government at every level to help make the nation’s critical infrastructure more resilient to cyber and physical threats. Everyone has a role securing the Nation’s critical infrastructure. Critical infrastructure…

  Critical Infrastructure Involved: Cyber, Energy (Oil), Transportation Systems (Pipelines) Summary: Colonial Pipeline initiated the restart of pipeline operations on May 12, at approximately 1700 ET.  Following this restart, it will take several days for the product delivery supply chain to return to normal. Some markets served by Colonial Pipeline may experience, or continue to experience, intermittent…

CISA’s ICT Supply Chain Risk Management (SCRM) Task Force is pleased to share two new resources that can assist organizations and businesses assess the trustworthiness of their vendors and suppliers: Mitigating ICT Supply Chain Risks with Qualified Bidder and Manufacturer Lists: In a digitally-connected world, protecting your organization’s information requires understanding not only your immediate…