What/Who is Cisa?
On November 16, 2018, President Trump signed into law the Cybersecurity and Infrastructure Security Agency Act of 2018, which elevated the mission of the former NPPD within the Department of Homeland Security (DHS), establishing the Cybersecurity and Infrastructure Security Agency (CISA). CISA is a successor agency to NPPD and assists both other government agencies and private sector organizations in addressing infrastructure and cybersecurity issues.
IRPT works closely with CISA to inform the inland river industry of available training courses offered by CISA, current potential threats to infrastructure and/or cyber that could adversely impact industry, and free services CISA provides that are available to industry.
CISA subcomponents include the:
- Cybersecurity Division
- Infrastructure Security Division
- Emergency Communications Division
- National Risk Management Center
- Integrated Operations Division
- Stakeholder Engagement Division
- National Emergency Technology Guard (inactive, but can be activated by the director of CISA)
The De-Escalation Series for Critical Infrastructure Owners and Operators contains four products to assist Critical Infrastructure Owners and Operators to recognize the warning signs of someone on a path to violence; assess if the situation or person of concern is escalating, or if an emergency response is needed immediately; de-escalate the situation currently taking…Read More
The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI) and the National Security Agency (NSA) announced the release of an advisory today on the Conti ransomware threat, including technical details about cyber actors’ behavior mapped to MITRE ATT&CK and recommended mitigations. CISA and FBI have observed an increased use of Conti…Read More
CISA Releases Two ICT Supply Chain Resources to Improve Information Sharing and Assist Small and Medium-sized Businesses
Improving the quality and volume of supply chain risk information sharing among the federal government and private industry is necessary to obtain actionable information that could mitigate threats to the Nation’s ICT supply chain. Building off work completed in Years 1 and 2, the Task Force’s Information Sharing Working Group (WG1) developed the Preliminary Considerations…Read More
There are multiple dates available for each of the following training topics: AWR-333 – Improvised Explosive Device Construction and Classification (IED-CC): Provides foundational knowledge on the construction and classification of IEDs. [75 Min] AWR-334 – Introduction to the Terrorist Attack Cycle (ITAC): Introduces a model of the terrorist attack cycle that describes the nature of…Read More
Beginning next month, CISA Region 6 will host three virtual trainings each quarter for a combined four-part series. Kicking-off our Training Series Part I, Region 6 will host two cybersecurity workshops highlighting Cybersecurity Awareness Month in October and an Active Shooter Run/Hide/Fight presentation in November. For each series, I will send out a flyer/announcement that…Read More
Thursday, September 16, 2021 10:00 a.m. CDT (11:00 a.m. EDT) The Cybersecurity and Infrastructure Security Agency, Region 6 (Arkansas, Louisiana, New Mexico, Oklahoma, Texas) invites you to join a two-hour security webinar to enhance awareness of and response to an active shooter event. Discuss the elements of active shooter incident response planning with guidance from expert…Read More
Responding to, recovering from, and rebuilding after a physical or cyber incident can have a catastrophic impact on the daily operations of a business, yet businesses of all sizes struggle with the challenges of investment prioritization. Security not only safeguards business operations, but also enhances employee safety and a positive work culture, as well as…Read More
Partners, In recent months, various major cyber incidents have had an impact on our critical infrastructure community and caused downstream consequences to Americans that rely on it for everyday functions. The federal government, SLTT governments, and the private sector work tirelessly to strengthen our defensive posture, but none of us can do it alone. Today,…Read More
Cyber actors continue to exploit publicly known-and often dated-software vulnerabilities against broad target sets, including public and private sector organizations worldwide. However, entities worldwide can mitigate the vulnerabilities listed in this report by applying the available patches to their systems and implementing a centralized patch management system. Today, CISA, the Australian Cyber Security Centre (ACSC),…Read More
CISA/NSA/FBI: U.S. Government Releases Indictment and Several Advisories Detailing Chinese Cyber Threat Activity
As today’s announcement from the White House indicates, the cyber threat from the People’s Republic of China (PRC) continues to evolve and poses a real risk to the nation’s critical infrastructure, as well as businesses and organizations of all sizes at home and around the world. The Cybersecurity and Infrastructure Security Agency (CISA), in…Read More