What/Who is Cisa?
On November 16, 2018, President Trump signed into law the Cybersecurity and Infrastructure Security Agency Act of 2018, which elevated the mission of the former NPPD within the Department of Homeland Security (DHS), establishing the Cybersecurity and Infrastructure Security Agency (CISA). CISA is a successor agency to NPPD and assists both other government agencies and private sector organizations in addressing infrastructure and cybersecurity issues.
IRPT works closely with CISA to inform the inland river industry of available training courses offered by CISA, current potential threats to infrastructure and/or cyber that could adversely impact industry, and free services CISA provides that are available to industry.
CISA subcomponents include the:
- Cybersecurity Division
- Infrastructure Security Division
- Emergency Communications Division
- National Risk Management Center
- Integrated Operations Division
- Stakeholder Engagement Division
- National Emergency Technology Guard (inactive, but can be activated by the director of CISA)
The Office for Bombing Prevention (OBP) Virtual Instructor-Led Training (VILT) July Course Schedule has been published. If you feel that your state would benefit from this type of awareness training, please feel free to distribute. The Cybersecurity and Infrastructure Security Agency (CISA), Office for Bombing Prevention (OBP) and the Center for Domestic Preparedness have…Read More
Critical Infrastructure Partners, With every headline in the news, we are reminded about the increasing threat, both in number and size, that ransomware incidents have on critical infrastructure in the United States and across the globe. The President has made strengthening our nation’s resilience from cyberattacks – against both the private and public sectors…Read More
Critical Infrastructure Colleagues and Partners, CISA is aware of the likelihood that cyber threat actors are attempting to exploit CVE-2021-21985, a remote code execution vulnerability in VMware vCenter Server and VMware Cloud Foundation. This vulnerability was discussed on the May 27 CISA weekly SOC call. Although patches were made available on May 25,…Read More
CISA: Information and Communication Technology Supply Chain – Lessons Learned During the COVID-19 Pandemic
Critical Infrastructure Colleagues and Partners, The impacts of the COVID-19 pandemic on the information and communications technology (ICT) sector’s supply chains are still unfolding. To understand how companies in this space have been impacted, and to identify lessons learned about supply chain vulnerabilities and the potential ways to address them going forward, the…Read More
Partners, Please see the attached memo from Anne Neuberger, Deputy Assistant to the President and Deputy National Security Advisor for Cyber and Emerging Technology, titled “What We Urge You To Do To Protect Against The Threat of Ransomware.” Attached, you will also find the following: CISA Ransomware Guide “What We Urge You To…Read More
About this event: Thursday, July 15, 2021 10:00 AM CDT Given today’s ever-changing threat environment, preparing for and training employees to cope with active threats and workplace violence should be a key piece of an organization’s emergency action plan. Discuss the elements of active shooter incident response planning with guidance from expert instructors. Describe common…Read More
Incident Response Training: Identify, Mitigate, Recover (IMR) series: To support the capacity of our nation’s cyber enterprise to “Defend Today, Secure Tomorrow” CISA has developed no-cost cybersecurity incident response training for government employees and contractors across Federal, State, Local, Tribal, and Territorial government, and is open to educational and critical infrastructure partners. IMR 000 –…Read More
CISA has a YouTube channel with numerous informative videos addressing cyber and physical preparedness efforts. Visit CISA’s YouTube channel here. CISA works with businesses, communities, and government at every level to help make the nation’s critical infrastructure more resilient to cyber and physical threats. Everyone has a role securing the Nation’s critical infrastructure. Critical infrastructure…Read More
Critical Infrastructure Involved: Cyber, Energy (Oil), Transportation Systems (Pipelines) Summary: Colonial Pipeline initiated the restart of pipeline operations on May 12, at approximately 1700 ET. Following this restart, it will take several days for the product delivery supply chain to return to normal. Some markets served by Colonial Pipeline may experience, or continue to experience, intermittent…Read More
CISA’s ICT Supply Chain Risk Management (SCRM) Task Force is pleased to share two new resources that can assist organizations and businesses assess the trustworthiness of their vendors and suppliers: Mitigating ICT Supply Chain Risks with Qualified Bidder and Manufacturer Lists: In a digitally-connected world, protecting your organization’s information requires understanding not only your immediate…Read More