CISA/DHS News

The Cybersecurity and Infrastructure Security Agency (CISA) is pleased to announce the release of a new resource titled, Security Planning Workbook, which can assist critical infrastructure owners and operators with developing a foundational security plan. This workbook is designed to be flexible and scalable to suit the needs of most facilities. It is intended for…

Welcome to April! The sight of robust commerce is a delight to me as the weather warms up. Tows are moving up and down the river beautifully. Your facilities are vital to this commerce, and I applaud you all on working so hard to keep our rivers active and safe. I wish I could tell you…

CSD Cyber Defense Education and Training (CDET) Offerings Highlights: What You Want to Know A new category has been added to FedVTE under the Cybersecurity Courses called Non-Technical Cybersecurity. Some new courses that fall into this category include Cloud Monitoring, Critical Infrastructure Protection, and Cybersecurity Investigations. To see the full list of available courses in…

In 2022, public safety officials, security professionals, and facility owners and operators experienced an unprecedented number of bomb threats and responded to hundreds of threats that disrupted daily lives and operations.  As an example, in the months of January and February Historically Black Colleges and Universities received over 65 bomb threats; in the months of…

The Cybersecurity and Infrastructure Security Agency (CISA) released a new Insights titled CISA Insights: Global Positioning System (GPS) Interference, which provides a summary of a January 2022 GPS interference event, recommended actions GPS users should take now to make their system resilient and avoid degradation of services, as well as guidance on how and when…

Enduring Security Framework (ESF) partners at the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Office of the Director of National Intelligence (ODNI) published an assessment of 5G network slicing. The paper, “Potential Threats to 5G Network Slicing,” is developed by industry and government experts of a working panel under…

The Cybersecurity and Infrastructure Security Agency (CISA) released an updated Infrastructure Resilience Planning Framework (IRPF) today to better help state, local, tribal, and territorial (SLTT) planners manage risk to critical infrastructure systems and enhance their resilience. First released in 2021, today’s update to the IRPF adds important new resources and tools to better support partners…

The Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Office of the Director of National Intelligence (ODNI) partnered with industry and government experts under the Enduring Security Framework (ESF) to release “Securing the Software Supply Chain Recommended Practices Guide for Customers” and an accompanying fact sheet. In an effort to…

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of the Health and Human Services (HHS) released a joint Cybersecurity Advisory (CSA) with technical details associated with Hive ransomware variants identified through FBI investigations as recently as November 2022. From June 2021 through at least November 2022, threat…

The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) published a joint Cybersecurity Advisory (CSA) about suspected Iranian government-sponsored actors that compromised a federal civilian executive branch (FCEB) agency. The advisory, “Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester” provides information on their tactics, techniques, and procedures…