CISA Community Bulletin November 2024

November 2024 Issue

The CISA Community Bulletin is a monthly publication that shares cybersecurity webinars and workshops, new publications and best practices. In this month's edition:

•  Announcements

  • Cybersecurity Awareness Month 2024 Post-Campaign Highlights
  • Third Anniversary of ChemLock
  • First Class of FY25 for the Seaport Security Antiterrorism Training Program (SSATP) Graduates

• Partnerships

  • Times Square Release of Our New Secure Our World Animation
• Information Exchange
  • CISA, FBI, NSA, and International Partners Release Advisory on Iranian Cyber Actors Targeting Critical Infrastructure Organizations Using Brute Force
• Education and Training and Workshops
  
  • Quarterly ChemLock Trainings - ChemLock: Introduction to Chemical Security
  • Quarterly ChemLock Trainings - ChemLock: Secure Your Chemicals Security Planning
  • ISD Security Programs: Upcoming Interagency Security Committee Risk Management Process & Facility Security Committee Trainings
  • ISD School Safety: CISA Releases Anonymous Threat Response Guidance and Toolkit for K-12 Schools
  • ISD Bombing Prevention: CISA OBP to Lead Workshops at the 2024 EOD Technology and Bombing Prevention Summit

To see the latest CISA Cybersecurity Alerts and Advisories visit Cybersecurity Alerts & Advisories | CISA

Report a Cyber Incident

CISA provides secure means for constituents and partners to report incidents, phishing attempts, malware, and vulnerabilities.

Report a Cybersecurity Incident: Report anomalous cyber activity and/or cyber incidents 24/7 to SayCISA@cisa.dhs.gov or 1-844-Say-CISA.

• Report an Incident
• Report Phishing
• Report a Vulnerability

Report incidents as defined by NIST Special Publication 800-61 Rev 2, to include

• Attempts to gain unauthorized access to a system or its data,
• Unwanted disruption or denial of service, or
• Abuse or misuse of a system or data in violation of policy.

Federal incident notification guidelines, including definitions and reporting timeframes can be found here.

To report anomalous cyber activity and/or cyber incidents 24/7, email SayCISA@cisa.dhs.gov or call 1-844-Say-CISA or 844-729-2472

A public service announcement on behalf of DHS Know2Protect Campaign on How to Report Online Child Sexual Exploitation and Abuse (CSEA)

Online child sexual exploitation and abuse (CSEA) is a serious crime that is never the victim’s fault. Stopping exploitation usually requires a victim to come forward to someone they trust — a parent, teacher, caregiver, law enforcement official or another trusted adult. This requires a lot of vulnerability from the victim. It is important to help them gather information to report the crime, choose an option with which they are comfortable and support them through this process.

To submit a report, you can do so through one of the following ways:

• Contact your local, state, or tribal law enforcement officials directly. Call 911 in an emergency.
• Call the Know2Protect Tipline at 833-591-KNOW (5669). All information received via the Tipline will be reviewed by appropriate personnel and referred to Homeland Security Investigations field offices for potential investigation.
• Submit a report with the National Center for Missing and Exploited Children.

Cybersecurity Awareness Month 2024 Post-Campaign Highlights

Third Anniversary of ChemLock

This November marks the third anniversary of ChemLock, CISA’s voluntary chemical security program. ChemLock provides no-cost services and tools to the more than 100,000 facilities nationwide that possess dangerous chemicals. Since it launched in November 2021, ChemLock has been helping chemical facilities understand their risks and enhance their chemical security posture in a way that works for their business model. ChemLock leverages CISA’s chemical security expertise from more than 15 years of managing the Chemical Facility Anti-Terrorism Standards (CFATS) program. ChemLock services and tools include: On-site assessments and assistance Guidance documents, templates, and flyers Exercises and drills Training courses Special access to other CISA services, such as active shooter preparedness, cyber hygiene, unmanned aircraft systems, and more Today, more than ever, the future of our nation’s chemical security is dependent on the partnerships built between industry and government. CISA understands that our private sector partners cannot and should not have to face today’s many threats alone. Visit the ChemLock webpage or contact us today at ChemLock@mail.cisa.dhs.gov to learn more about how CISA can help you ensure that dangerous chemicals at your facility are not weaponized. Together, we can keep our country and communities safe.

First Class of FY25 for the Seaport Security Antiterrorism Training Program (SSATP) Graduates

Allow us to introduce the first graduation class of FY25 for the Seaport Security Antiterrorism Training Program (SSATP)! This program is specifically designed to meet the security needs of Port Security personnel and involves a cooperative effort from Federal, State, and Local law enforcement agencies. SSATP addresses the needs of all jurisdictions at the seaport and is vital for enhancing layered seaport security and protecting against terrorism. Conducted as a center advanced training program, it is offered to law enforcement, military, and port authority personnel.

Congratulations to the graduates who are now better equipped to keep our seaports safe!

Times Square Release of Our New Secure Our World Animation

It was great to be back in TimesSquare to release our new SecureOurWorld animation. We lit up the Nasdaq Tower to help show everyone how to stay safe online. Thanks to National Cybersecurity Alliance and Nasdaq for the collab this CybersecurityAwarenesMonth.

CISA, FBI, NSA, and International Partners Release Advisory on Iranian Cyber Actors Targeting Critical Infrastructure Organizations Using Brute Force

CISA—with the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and international partners—released joint Cybersecurity Advisory Iranian Cyber Actors Brute Force and Credential Access Activity Compromises Critical Infrastructure. This advisory provides known indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) used by Iranian actors to impact organizations across multiple critical infrastructure sectors. Since October 2023, Iranian actors have used brute force and password spraying to compromise user accounts and obtain access to organizations in the healthcare and public health (HPH), government, information technology, engineering, and energy sectors. CISA and partners recommend critical infrastructure organizations follow the provided guidance, as well as ensure all accounts use strong passwords and register a second form of authentication. For more information on Iranian state-sponsored threat actor activity, see CISA’s Iran Cyber Threat Overview and Advisories page. Visit CISA’s Cross-Sector Cybersecurity Performance Goals for more information on the CPGs, including more recommended baseline protections.

CISA Education and Training 

CISA offers a variety of free courses and scheduled training events. For a complete list, visit the links below:

Quarterly ChemLock Trainings - ChemLock: Introduction to Chemical Security

CISA’s ChemLock program provides the ChemLock training courses every quarter on a first-come, first-serve basis.

ChemLock: Introduction to Chemical Security

This course provides an introduction to identifying, assessing, evaluating, and mitigating chemical security risks. This easy-to-understand overview identifies key components and best practices of chemical security awareness and planning to help kickstart chemical security discussions at your facility.

This course runs 1-2 hours in length and is appropriate for all personnel regardless of their level of involvement with dangerous chemicals.

• Register for January 15, 2025 – 1-3 p.m. ET
• Register for April 15, 2025 – 11 a.m.-1 p.m. ET
• Register for July 17, 2025 – 2-4 p.m. ET

Quarterly ChemLock Trainings - ChemLock: Secure Your Chemicals Security Planning

This course walks through how to create a tailored, scalable security plan that meets the business model and unique circumstances of a facility. Participants will learn the key elements of a chemical security plan and benefit from examples, lessons learned, and best practices.

This course runs 2-3 hours in length and is designed to help leadership, facility security personnel, and other applicable personnel understand, develop, and implement a facility security plan.

• Register for November 7, 2024 – 1-4 p.m. ET
• Register for February 18, 2025 – 12-3 p.m. ET
• Register for May 21, 2025 – 10 a.m.-1 p.m. ET
• Register for August 21, 2025 – 1-4 p.m. ET

For more information or to request a specific training for your facility, please visit the ChemLock Training webpage.

ISD Security Programs: Upcoming Interagency Security Committee Risk Management Process & Facility Security Committee Trainings

The Interagency Security Committee (ISC) invites you to participate in its award winning Risk Management Process (RMP) and Facility Security Committee (FSC) Training. This training provides an understanding of the ISC, the ISC Risk Management Process Standard (RMP Standard), and the roles and responsibilities of a Facility Security Committee (FSC). The course fulfills the necessary training requirements for FSC membership and is valuable for executives; managers; and personnel involved in making facility funding, leasing, security, or other risk management decisions. Participants will receive continuing education units through the International Association for Continuing Education and Training upon completion of the course. The ISC offers the training at no cost to participants. The schedule for upcoming in-person and virtual trainings is below.    In-Person Trainings:                 December 3, 2024 – Arlington, VA at 9:00 a.m. ET January 9, 2025 – Grand Rapids, MI at 8:30 a.m. ET Virtual, Instructor-Led Trainings:  November 5-6, 2024 – 9 a.m. CT December 10-11, 2024 – 9 a.m. PT January 28-29, 2025 – 9 a.m. ET For the full list of future trainings visit the ISC training webpage. To register for any of these courses, please email the ISC Training Team at rmp_fsctrng@mail.cisa.dhs.gov or visit our website. We look forward to seeing you.

ISD School Safety: CISA Releases Anonymous Threat Response Guidance and Toolkit for K-12 Schools

CISA released the K-12 Anonymized Threat Response Guidance, a new resource to help K-12 schools and law enforcement and community partners assess, respond to and prepare for anonymous threats of violence, including those received on social media. The guidance includes a toolkit and accompanying reference guide that outline six key strategies to help K-12 stakeholders create tailored approaches to addressing anonymous threats. It also includes specific information on how K-12 organizations can work with law enforcement and other local partners when threats arise. Both resources were co-sealed with the Federal Bureau of Investigation and announced at CISA’s 2024 National Summit on K-12 School Safety and Security. Learn more at cisa.gov/resources-tools/resources/k-12-anonymized-threat-response-guidance.

ISD Bombing Prevention: CISA OBP to Lead Workshops at the 2024 EOD Technology and Bombing Prevention Summit

From December 3-5, 2024, military explosive ordnance disposal (EOD) technicians, public safety bomb technicians, international partners and government and industry leaders in the explosives sector will converge in National Harbor, MD, to network and participate in a variety of counter-improvised explosive device (C-IED) forums and sessions. Over three days, attendees will have the opportunity to share best practices and resources while increasing awareness of evolving tactics and gaining insights on comprehensive risk mitigation approaches. As part of the CISA Office for Bombing Prevention’s (OBP) mission to deter and mitigate bombing incidents, representatives from across the Office will host workshops, conduct training sessions and lead briefings related to threats in this sector.  Additionally, CISA OBP will host an exhibit where attendees can learn more about the new products, resources and services that the Office provides. For non-CISA personnel who wish to attend the Summit, register here for complimentary general admission. For additional information, please email OBP@mail.cisa.dhs.gov. We encourage you to share this event announcement with your colleagues and peers. To learn more about CISA OBP, visit Office for Bombing Prevention | CISA.

The CISA Community Bulletin is a monthly publication that shares cybersecurity webinars and workshops, new publications, and best practices.

To access past editions of this CISA Community Bulletin newsletter, please visit the CISA Community Bulletin archive.