ICS GovDelivery Email Topics


Cybersecurity and Infrastructure Security Agency (CISA) - Defend Today, Secure Tomorrow

At the Cybersecurity and Infrastructure Agency (CISA), we are vigilant about finding innovative ways to get you the most actionable cyber threat information when you need it most.

CISA has made improvements to email notifications. Our subscriber content lists have been updated. The previous Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) advisory topics have been consolidated to streamline information sharing.

As of Thursday, May 18, you will be subscribed to CISA’s ICS Cybersecurity Advisories and Medical Advisories email alerts. The information you will receive includes greater actionable threat and vulnerability data from CISA and our partners.

If you don’t want to receive our emails, you can just check unsubscribe to all emails under the manage subscription link.


This email was sent to wpd5gttr9c@smartcybersecurity.eu using GovDelivery Communications Cloud, on behalf of: Cybersecurity and Infrastructure Security Agency · 707 17th St, Suite 4000 · Denver, CO 80202 GovDelivery logo

Cisco Releases Security Updates for Enterprise NFV Infrastructure Software

05/05/2022 11:00 AM EDT

Original release date: May 5, 2022

Cisco has released security updates to address multiple vulnerabilities in Enterprise NFV Infrastructure Software. An attacker could exploit these vulnerabilities to take control of an affected system.  

CISA encourages users and administrators to review Cisco advisory cisco-sa-NFVIS-MUL-7DySRX9 and apply the necessary updates. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page

This product is provided subject to this Notification and this Privacy & Use policy.

Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure

04/20/2022 10:00 PM EDT

Original release date: April 20, 2022

The cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom have released a joint Cybersecurity Advisory (CSA) to warn organizations that Russia’s invasion of Ukraine could expose organizations both within and beyond the region to increased malicious cyber activity from Russian state-sponsored cyber actors or Russian-aligned cybercrime groups.

Joint CSA: Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure, drafted with contributions from industry members of the Joint Cyber Defense Collaborative, provides an overview of Russian state-sponsored advanced persistent threat groups, Russian-aligned cyber threat groups, and Russian-aligned cybercrime groups to help the cybersecurity community protect against possible cyber threats.

U.S., Australian, Canadian, New Zealand, and UK cybersecurity authorities urge critical infrastructure network defenders to prepare for and mitigate potential cyber threats by hardening their cyber defenses as recommended in the [joint CSA].

For more information on current and historical Russian-state-sponsored cyber activity and recommended mitigations, see the following CISA webpages: 

This product is provided subject to this Notification and this Privacy & Use policy.

Improvements to Email Notifications


Cybersecurity and Infrastructure Security Agency (CISA) - Defend Today, Secure Tomorrow

At the Cybersecurity and Infrastructure Agency (CISA), we are vigilant about finding innovative ways to get you the most actionable cyber threat information when you need it most.

CISA has made improvements to email notifications and want to inform you that our subscriber content lists have been updated. The previous National Cybersecurity Awareness alert topics have been consolidated to streamline information. These new updates will make it easier and faster for you to receive the latest information on cybersecurity-related topics.

As of Thursday, March 31, you will be subscribed to CISA’s Cybersecurity Advisories and Vulnerability Bulletin email alerts. The information you will receive includes greater actionable threat and vulnerability data from CISA and our partners. It will go only get better from here!

If you don’t want to receive our emails, you can just check unsubscribe to all emails under the manage subscription link.


This email was sent to wpd5gttr9c@smartcybersecurity.eu using GovDelivery Communications Cloud, on behalf of: Cybersecurity and Infrastructure Security Agency · 707 17th St, Suite 4000 · Denver, CO 80202 GovDelivery logo

NSA Releases Network Infrastructure Security Guidance

03/03/2022 12:22 PM EST

Original release date: March 3, 2022

The National Security Agency (NSA) has released a new Cybersecurity Technical Report (CTR): Network Infrastructure Security Guidance. The report captures best practices based on the depth and breadth of experience in supporting customers and responding to threats. Recommendations include perimeter and internal network defenses to improve monitoring and access controls throughout the network.

CISA encourages network architects, defenders, and administrators to review NSA’s Network Infrastructure Security Guidance as well as CISA’s recently published Layering Network Security Through Segmentation infographic for assistance in hardening networks against cyber threats.

This product is provided subject to this Notification and this Privacy & Use policy.

CISA Insights: Foreign Influence Operations Targeting Critical Infrastructure

02/18/2022 05:23 PM EST

Original release date: February 18, 2022

CISA has released CISA Insights: Preparing for and Mitigating Foreign Influence Operations Targeting Critical Infrastructure, which provides proactive steps organizations can take to assess and mitigate risks from information manipulation. Malicious actors may use tactics—such as misinformation, disinformation, and malinformation—to shape public opinion, undermine trust, and amplify division, which can lead to impacts to critical functions and services across multiple sectors.
 
Current social factors—including heightened polarization and the ongoing global pandemic—increase the risk and potency of influence operations to U.S. critical infrastructure. CISA encourages leaders at all organizations to review the CISA Insights and follow the guidance to assess risk and increase resilience.

This product is provided subject to this Notification and this Privacy & Use policy.

CISA, FBI, and NSA Release Cybersecurity Advisory on Russian Cyber Threats to U.S. Critical Infrastructure

01/11/2022 10:00 AM EST

Original release date: January 11, 2022

CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) have released a joint Cybersecurity Advisory (CSA) that provides an overview of Russian state-sponsored cyber operations, including commonly observed tactics, techniques, and procedures. The CSA also provides detection actions, incident response guidance, and mitigations. CISA, the FBI, and NSA are releasing the joint CSA to help the cybersecurity community reduce the risk presented by Russian state-sponsored cyber threats.  

CISA, the FBI, and NSA encourage the cybersecurity community—especially critical infrastructure network defenders—to adopt a heightened state of awareness, conduct proactive threat hunting, and implement the mitigations identified in the joint CSA. CISA recommends network defenders review CISA’s Russia Cyber Threat Overview and Advisories page for more information on Russian state-sponsored malicious cyber activity. CISA recommends critical infrastructure leaders review CISA Insights: Preparing For and Mitigating Potential Cyber Threats for steps to proactively strengthen their organization’s operational resiliency against sophisticated threat actors, including nation-states and their proxies. 

This product is provided subject to this Notification and this Privacy & Use policy.

Immediate Steps to Strengthen Critical Infrastructure against Potential Cyberattacks

12/15/2021 08:10 AM EST

Original release date: December 15, 2021

In light of persistent and ongoing cyber threats, CISA urges critical infrastructure owners and operators to take immediate steps to strengthen their computer network defenses against potential cyberattacks. CISA has released CISA Insights: Preparing For and Mitigating Potential Cyber Threats to provide critical infrastructure leaders with steps to proactively strengthen their organization’s operational resiliency against sophisticated threat actors, including nation-states and their proxies.

CISA encourages leadership at all organizations—and critical infrastructure owners and operators in particular—to review the CISA Insights and adopt a heighted state of awareness.

This product is provided subject to this Notification and this Privacy & Use policy.

NSA and CISA Release Part III of Guidance on Securing 5G Cloud Infrastructures

12/02/2021 05:53 PM EST

Original release date: December 2, 2021

CISA has announced the joint National Security Agency (NSA) and CISA publication of the third of a four-part series, Security Guidance for 5G Cloud Infrastructures. Part III: Data Protection examines security during all phases of the data lifecycle—in transit, in use, and at rest. The guidance focuses on protecting the confidentiality, integrity, and availability of data within a 5G cloud infrastructure to protect sensitive information from unauthorized access. This series is being published under the Enduring Security Framework (ESF), a public-private cross-sector working group led by NSA and CISA.

CISA has also released a set of four 5G educational videos to enhance the awareness and importance of the safe and secure development and deployment of 5G infrastructure. 

CISA encourages 5G providers, integrators, and network operators to review the guidance and consider the recommendations. See CISA’s 5G Security and Resilience webpage for more information. 

This product is provided subject to this Notification and this Privacy & Use policy.

NSA-CISA Series on Securing 5G Cloud Infrastructures

10/28/2021 01:13 PM EDT

Original release date: October 28, 2021

The National Security Agency (NSA) and CISA have published the first of a four-part series, Security Guidance for 5G Cloud Infrastructures. Security Guidance for 5G Cloud Infrastructures – Part I: Prevent and Detect Lateral Movement provides recommendations for mitigating lateral movement attempts by threat actors who have gained initial access to cloud infrastructures. 

This guidance has been created by the Critical Infrastructure Partnership Advisory Council (CIPAC) Cross Sector Enduring Security Framework Working Group—a public-private working group that provides cybersecurity guidance addressing high-priority cyber threats to the nation’s critical infrastructure. 

CISA encourages 5G providers, integrators, and network operators to review the guidance and consider the recommendations.

This product is provided subject to this Notification and this Privacy & Use policy.