What/Who is Cisa?

On November 16, 2018, President Trump signed into law the Cybersecurity and Infrastructure Security Agency Act of 2018, which elevated the mission of the former NPPD within the Department of Homeland Security (DHS), establishing the Cybersecurity and Infrastructure Security Agency (CISA).  CISA is a successor agency to NPPD and assists both other government agencies and private sector organizations in addressing infrastructure and cybersecurity issues.

IRPT works closely with CISA to inform the inland river industry of available training courses offered by CISA, current potential threats to infrastructure and/or cyber that could adversely impact industry, and free services CISA provides that are available to industry.

CISA subcomponents include the:

 

Regional/District Contacts:

CISA Region VI Critical Manufacturing Roundtable

By Dede Smith | March 16, 2021

    Critical Infrastructure Partners, You are cordially invited to participate in the Region VI Critical Manufacturing (CM) Sector Security Roundtable webinar being held Thursday, March 25th. This unique opportunity is available to manufacturing stakeholders from Arkansas, Louisiana, New Mexico, Oklahoma, and Texas. This Security Roundtable is an exciting opportunity to bring together Region VI…

Read More

CISA Web Page Strongly Urges All Organizations to Immediately Address Microsoft Exchange Vulnerabilities

By Dede Smith | March 9, 2021

CISA has published a web page that strongly urges all organizations to immediately address the recent Microsoft Exchange Server product vulnerabilities. As exploitation of these vulnerabilities is widespread and indiscriminate, CISA strongly advises organizations follow the guidance laid out in the web page. The guidance provides specific steps for both leaders and IT security staff…

Read More

CISA: Microsoft IOC Detection Tool and Alternative Mitigation Techniques for Exchange Server Vulnerabilities

By Dede Smith | March 8, 2021

Greetings, Microsoft has released an updated script that scans Exchange log files for indicators of compromise (IOCs) associated with the vulnerabilities disclosed on March 2, 2021. CISA is aware of widespread domestic and international exploitation of these vulnerabilities and strongly recommends organizations run the Test-ProxyLogon.ps1 script-as soon as possible-to help determine whether their systems are…

Read More

CISA: Partner Call on Active Exploitation of Microsoft Vulnerability

By Dede Smith | March 4, 2021

  Critical Infrastructure Colleagues and Partners, The Cybersecurity and Infrastructure Security Agency (CISA) invites you to participate on a call Friday, March 5, 2021, at 12 pm Eastern addressing active exploitation of a vulnerability in affecting Microsoft Exchange Server 2013, 2016, and 2019. Microsoft recently released out-of-band security updates to address these vulnerabilities. This call…

Read More

Joint CISA and CYBER.org Cyber Safety Video Series

By Dede Smith | February 9, 2021

  The Cybersecurity and Infrastructure Security Agency (CISA) and CYBER.ORG jointly announced a cyber safety video series to help those learning or working online take proactive steps to protect themselves and their business. CYBER.ORG is a cybersecurity workforce development organization that targets K-12 students with cyber career awareness, curricular resources, and teacher professional development. However,…

Read More

CISA Webinar: Security and Protection of Dams and Levees

By Dede Smith | February 9, 2021

    The Dams Sector Risk Management Agency will be hosting an Introduction to Security and Protection of Dams and Levees Webinar on Tuesday, March 16, 2021 from 1:00-3:00 p.m. (EST). Attached is more information on the webinar. This webinar is a 101-level webinar that highlights fundamental aspects of security and protection for Dams Sector…

Read More

CISA: Personal Security Considerations Fact Sheet

By Dede Smith | January 14, 2021

  Critical Infrastructure Colleagues and Partners, The Cybersecurity and Infrastructure Security Agency (CISA) has released a Personal Security Considerations fact sheet. This document encourages critical infrastructure owners and their personnel to remain vigilant and report suspicious behavior that individuals may exhibit in order to thwart an attack. It also contains several easily implementable security measures…

Read More

CISA Releases Cybersecurity and Physical Security Convergence Action Guide

By Dede Smith | January 7, 2021

  Critical Infrastructure Colleagues,   The Cybersecurity and Infrastructure Security Agency (CISA) is pleased to announce the publication of the Cybersecurity and Physical Security Convergence Action Guide, which provides guidance on converging cybersecurity and physical security functions to better position organizations to mitigate cyber-physical threats.   Convergence is defined as formal collaboration between previously disjointed…

Read More

CISA: Active Exploitation of SolarWinds Software

By Dede Smith | December 15, 2020

  (TLP:WHITE) *URGENT* Message from CISA: Active Exploitation of SolarWinds Software   Volexity has released “Dark Halo Leverages SolarWinds Compromise to Breach Organizations,” outlining technical details about methods of the actor they believe was involved in this activity:   To learn more, please click here.   V/R,   CyberLiaison Cybersecurity Division Cybersecurity and Infrastructure Security…

Read More

CISA Publishes- Port Facility Cyber Risk Infographic

By Dede Smith | December 4, 2020

  CISA Publishes- Port Facility Cyber Risk Infographic   The Cybersecurity and Infrastructure Security Agency (CISA), in coordination with other federal and private sector partners, is working to develop a better understanding of cybersecurity risk to maritime facilities.   In support of this effort, CISA has made available its Port Facility Cybersecurity Risks Infographic to…

Read More