What/Who is Cisa?
On November 16, 2018, President Trump signed into law the Cybersecurity and Infrastructure Security Agency Act of 2018, which elevated the mission of the former NPPD within the Department of Homeland Security (DHS), establishing the Cybersecurity and Infrastructure Security Agency (CISA). CISA is a successor agency to NPPD and assists both other government agencies and private sector organizations in addressing infrastructure and cybersecurity issues.
IRPT works closely with CISA to inform the inland river industry of available training courses offered by CISA, current potential threats to infrastructure and/or cyber that could adversely impact industry, and free services CISA provides that are available to industry.
CISA subcomponents include the:
- Cybersecurity Division
- Infrastructure Security Division
- Emergency Communications Division
- National Risk Management Center
- Integrated Operations Division
- Stakeholder Engagement Division
- National Emergency Technology Guard (inactive, but can be activated by the director of CISA)
Regional/District Contacts:
CISA- Fire As A Weapon Action Guide
The Cybersecurity and Infrastructure Security Agency (CISA) is pleased to announce the updated Fire as a Weapon Action Guide to better understand the threats of fire as a weapon and help mitigate future attacks. In this action guide, CISA compiled notable events within the past year to capture the increased incidents of arson and incendiary…
Read MoreIndustrial Control Systems (ICS) Training
CISA is offering free training geared toward Critical Infrastructure owners/operators designed to reduce cybersecurity risks to critical infrastructure and encourage cooperation between CISA and the private sector. These 10 day trainings run from 9:00am-6:00pm CST. For more information regarding these trainings, visit the following link:
Read MoreCISA: CDET’s Cyber Training Bulletin
CISA has developed no-cost cybersecurity incident response training for government employees and contractors across Federal, State, Local, and is open to educational and critical infrastructure partners. This can be supplemental to other training resources that are available. Incident Response Training: Identify, Mitigate, Recover (IMR) series: To support the capacity of our nation’s cyber enterprise to…
Read MoreCISA Supply Chain Tools and Information
Partners, In recognition of National Supply Chain Integrity Month, the Cybersecurity and Infrastructure Security Agency (CISA) is partnering with the Office of the Director of National Intelligence (ODNI), the Department of Defense, and other government and industry partners to promote a call to action for a unified effort by organizations across the country to strengthen…
Read MoreCISA Releases Supplemental Guidance on Emergency Directive for Microsoft Exchange Server Vulnerabilities (TLP:WHITE)
CISA Releases Supplemental Guidance on Emergency Directive for Microsoft Exchange Server Vulnerabilities (TLP:WHITE) CISA has released (TLP:WHITE) Current Activity: CISA Releases Supplemental Guidance on Emergency Directive for Microsoft Exchange Server Vulnerabilities. CISA has issued supplemental direction to Emergency Directive (ED) 21-02: Mitigate Microsoft Exchange On-Premises Product Vulnerabilities providing additional forensic triage and server hardening…
Read MoreDHS/CISA: Active Shooter Webinars and Grant information
The TVTP Grant Program seeks to provide funding to applications that align with these objectives and that protect privacy, civil rights, and civil liberties. Applicants are required to conduct a rigorous needs assessment to outline what resources are already available in their area and what gaps need to be filled. All projects have required…
Read MoreCISA Releases Another Edition of the National Emergency Communications Plan Spotlight Series
The Cybersecurity and Infrastructure Security Agency (CISA) released its next National Emergency Communications Plan (NECP) Spotlight: Leveraging Mobile Applications to Bolster Emergency Alerts and Warnings cisa.gov/necp. This is the fourth Spotlight in a series of articles designed to demonstrate how the NECP’s recommendations apply within real-world events. This Spotlight examines three different mobile…
Read MoreCISA: MARs on Microsoft Exchange Vulnerabilities
CISA has published two TLP:WHITE Malware Analysis Reports (MARs) associated with Alert AA21-062A: Mitigate Microsoft Exchange Server Vulnerabilities (TLP:WHITE); details are provided below. MAR-10329496-1.v1: China Chopper Webshell https://us-cert.cisa.gov/ncas/analysis-reports/ar21-084a MAR-10329499-1.v1: China Chopper Webshell https://us-cert.cisa.gov/ncas/analysis-reports/ar21-084b V/r,
Read MoreCISA Hunt and Incident Response Program (CHIRP)
Critical Infrastructure Colleagues and Partners, CISA has released the CISA Hunt and Incident Response Program (CHIRP) – a forensics collection capability – to assist network defenders with detecting activity related to the supply chain compromises affecting SolarWinds and Active Directory/Microsoft 365. CHIRP is an open source project and is freely available to all…
Read MoreCISA: Counter Unmanned Aircraft Systems (CUAS) Webinar
Due to the overwhelming response in the number of individuals that have registered for our April 20, 2021, New Mexico Tech Counter-UAS Training Course, we are now hosting a second training course on April 27 to allow maximum participation. Registration for the April 27 course is below and attached. The Cybersecurity and Infrastructure Security Agency,…
Read More