The De-Escalation Series for Critical Infrastructure Owners and Operators contains four products to assist Critical Infrastructure Owners and Operators to recognize the warning signs of someone on a path to violence; assess if the situation or person of concern is escalating, or if an emergency response is needed immediately; de-escalate the situation currently taking…

  The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI) and the National Security Agency (NSA) announced the release of an advisory today on the Conti ransomware threat, including technical details about cyber actors’ behavior mapped to MITRE ATT&CK and recommended mitigations. CISA and FBI have observed an increased use of Conti…

Improving the quality and volume of supply chain risk information sharing among the federal government and private industry is necessary to obtain actionable information that could mitigate threats to the Nation’s ICT supply chain. Building off work completed in Years 1 and 2, the Task Force’s Information Sharing Working Group (WG1) developed the Preliminary Considerations…

There are multiple dates available for each of the following training topics: AWR-333 – Improvised Explosive Device Construction and Classification (IED-CC): Provides foundational knowledge on the construction and classification of IEDs. [75 Min] AWR-334 – Introduction to the Terrorist Attack Cycle (ITAC): Introduces a model of the terrorist attack cycle that describes the nature of…

  Beginning next month, CISA Region 6 will host three virtual trainings each quarter for a combined four-part series. Kicking-off our Training Series Part I, Region 6 will host two cybersecurity workshops highlighting Cybersecurity Awareness Month in October and an Active Shooter Run/Hide/Fight presentation in November. For each series, I will send out a flyer/announcement that…

Thursday, September 16, 2021 10:00 a.m. CDT (11:00 a.m. EDT) The Cybersecurity and Infrastructure Security Agency, Region 6 (Arkansas, Louisiana, New Mexico, Oklahoma, Texas) invites you to join a two-hour security webinar to enhance awareness of and response to an active shooter event. Discuss the elements of active shooter incident response planning with guidance from expert…

Responding to, recovering from, and rebuilding after a physical or cyber incident can have a catastrophic impact on the daily operations of a business, yet businesses of all sizes struggle with the challenges of investment prioritization. Security not only safeguards business operations, but also enhances employee safety and a positive work culture, as well as…

Partners, In recent months, various major cyber incidents have had an impact on our critical infrastructure community and caused downstream consequences to Americans that rely on it for everyday functions. The federal government, SLTT governments, and the private sector work tirelessly to strengthen our defensive posture, but none of us can do it alone. Today,…

Cyber actors continue to exploit publicly known-and often dated-software vulnerabilities against broad target sets, including public and private sector organizations worldwide. However, entities worldwide can mitigate the vulnerabilities listed in this report by applying the available patches to their systems and implementing a centralized patch management system. Today, CISA, the Australian Cyber Security Centre (ACSC),…

  As today’s announcement from the White House indicates, the cyber threat from the People’s Republic of China (PRC) continues to evolve and poses a real risk to the nation’s critical infrastructure, as well as businesses and organizations of all sizes at home and around the world. The Cybersecurity and Infrastructure Security Agency (CISA), in…