What/Who is Cisa?

On November 16, 2018, President Trump signed into law the Cybersecurity and Infrastructure Security Agency Act of 2018, which elevated the mission of the former NPPD within the Department of Homeland Security (DHS), establishing the Cybersecurity and Infrastructure Security Agency (CISA).  CISA is a successor agency to NPPD and assists both other government agencies and private sector organizations in addressing infrastructure and cybersecurity issues.

IRPT works closely with CISA to inform the inland river industry of available training courses offered by CISA, current potential threats to infrastructure and/or cyber that could adversely impact industry, and free services CISA provides that are available to industry.

CISA subcomponents include the:

 

Regional/District Contacts:

Business Case for Security

By Aimee Andres | August 13, 2021

Responding to, recovering from, and rebuilding after a physical or cyber incident can have a catastrophic impact on the daily operations of a business, yet businesses of all sizes struggle with the challenges of investment prioritization. Security not only safeguards business operations, but also enhances employee safety and a positive work culture, as well as…

Read More

CISA Launches New Joint Cyber Defense Collaborative

By Crystal Hutchinson | August 6, 2021

Partners, In recent months, various major cyber incidents have had an impact on our critical infrastructure community and caused downstream consequences to Americans that rely on it for everyday functions. The federal government, SLTT governments, and the private sector work tirelessly to strengthen our defensive posture, but none of us can do it alone. Today,…

Read More

CISA, FBI, ACSC, and UK NCSC Release Top Routinely Exploited Vulnerabilities

By Crystal Hutchinson | July 29, 2021

Cyber actors continue to exploit publicly known-and often dated-software vulnerabilities against broad target sets, including public and private sector organizations worldwide. However, entities worldwide can mitigate the vulnerabilities listed in this report by applying the available patches to their systems and implementing a centralized patch management system. Today, CISA, the Australian Cyber Security Centre (ACSC),…

Read More

CISA/NSA/FBI: U.S. Government Releases Indictment and Several Advisories Detailing Chinese Cyber Threat Activity

By Crystal Hutchinson | July 21, 2021

  As today’s announcement from the White House indicates, the cyber threat from the People’s Republic of China (PRC) continues to evolve and poses a real risk to the nation’s critical infrastructure, as well as businesses and organizations of all sizes at home and around the world. The Cybersecurity and Infrastructure Security Agency (CISA), in…

Read More

CISA/FBI: Significant Historical Cyber-Intrusion Campaigns Targeting ICS

By Crystal Hutchinson | July 21, 2021

To raise awareness of the risks to-and improve the cyber protection of-critical infrastructure, CISA and the Federal Bureau of Investigation (FBI) have released a Joint Cybersecurity Advisory as well as updates to five alerts and advisories. These alerts and advisories contain information on historical cyber-intrusion campaigns that have targeted ICS: Joint Cybersecurity Advisory 2011 Gas…

Read More

CISA-FBI Guidance for MSPs and their Customers Affected by the Kaseya VSA Supply-Chain Ransomware Attack

By Crystal Hutchinson | July 7, 2021

Importance: High     CISA and the FBI continue to respond to the recent supply-chain ransomware attack leveraging a vulnerability in Kaseya VSA software against multiple managed service providers (MSPs) and their customers. CISA and FBI strongly urge affected MSPs and their customers to follow the guidance below.     Contact Kaseya at support@kaseya.com with…

Read More

Joint CSA: Russian Global Brute Force Campaign

By Crystal Hutchinson | July 2, 2021

  The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and the UK’s National Cyber Security Centre (NCSC) have released Joint Cybersecurity Advisory (CSA): Russian GRU Conducting Global Brute Force Campaign to Compromise Enterprise and Cloud Environments.   The CSA provides details on the campaign, which is being…

Read More

OBP Virtual Instructor-Led Training (VILT) Awareness Courses – July Schedule Open for Registration

By Crystal Hutchinson | June 22, 2021

The Office for Bombing Prevention (OBP) Virtual Instructor-Led Training (VILT) July Course Schedule has been published.  If you feel that your state would benefit from this type of awareness training, please feel free to distribute.     The Cybersecurity and Infrastructure Security Agency (CISA), Office for Bombing Prevention (OBP) and the Center for Domestic Preparedness have…

Read More

CISA: Rising Ransomware Threat to Operational Technology Assets – Fact Sheet

By Crystal Hutchinson | June 9, 2021

Critical Infrastructure Partners,   With every headline in the news, we are reminded about the increasing threat, both in number and size, that ransomware incidents have on critical infrastructure in the United States and across the globe. The President has made strengthening our nation’s resilience from cyberattacks – against both the private and public sectors…

Read More

CISA: Critical VMware vulnerability, patch immediately if found

By Crystal Hutchinson | June 8, 2021

Critical Infrastructure Colleagues and Partners,   CISA is aware of the likelihood that cyber threat actors are attempting to exploit CVE-2021-21985, a remote code execution vulnerability in VMware vCenter Server and VMware Cloud Foundation.  This vulnerability was discussed on the May 27 CISA weekly SOC call.   Although patches were made available on May 25,…

Read More