April 13, 2022 - Representatives from Cyber Huntsville supported a cybersecurity panel discussion for a Kyrgyzstan Cyber Delegation visiting Alabama. Global Ties Alabama brings leaders from across the world to Alabama to showcase and exchange ideas on key topics.  The Kyrgyzstan delegation was part of a US State Department sponsored program to support emerging democracies by promoting cybersecurity. There was much discussion on how Cyber Huntsville was formed, our successful sponsorship of projects such as US Cyber Camp and the National Cyber Summit, and how we’ve grown to a successful organization. Perhaps we planted a seed of an idea that could grow into a Cyber Kyrgyzstan organization modeled after Cyber Huntsville. Pictured is the Kyrgyzstan delegation along with Cyber Huntsville Board Members Larry Burger, Chris Patty, Nisheeth Agrawal, and Brandon Umphrey.

ICSJWG 2022 SPRING VIRTUAL MEETING

April 26 – 27, 2022

 

The ICSJWG is excited to announce that the registration for the ICSJWG 2022 Spring Virtual Meeting has now opened!

Register for the meeting < https://gateway.on24.com/wcc/eh/3643772/icsjwg-2022-spring-virtual-meeting >  no later than April 25, 2022. The registration URL can also be found on our webpage, www.cisa.gov/ICSJWG > . There is no cost to virtually attend this event.

The registration link will take you to the Spring Meeting engagement hub, where you can review all of the presentations for each day.During registration, you can select any webcast, which will register you for all sessions on the agenda. Clicking on each webcast title will provide you with more information about the session and allow you to add it to your calendar.

During the meeting, return to the engagement hub and click on the title of any presentation of interest and enter your email address used during your initial registration and enjoy the presentation!

We are excited about the offerings for the upcoming virtual meeting!

Virtual Meeting Highlights

·       The 2022 Spring Meeting kicks off on April 26, 2022, with an overview by Nitin Natarajan, Deputy Director of CISA, covering current CISA initiatives to collaborate with our private partners in “Public & Private Partnerships in ICS – A Unified Effort.” The day then continues with an agenda filled with informative presentations.

·       A ‘Capture the Flag’ activity is available from Saturday, April 23, starting at 10 a.m., through noon on Wednesday, April 27. The CTF exposes analysts to hunting across ICS networks for malicious behavior, with puzzles appropriate for both the beginner and the experienced analyst. Challenges include artifacts generated from IT/OT host forensic data, network data (from both Bro logs and PCAP), and OT equipment actively being exploited by a threat actor. The CTF will be accessible remotely across the internet. Some of the gamesrequire a computer that can run common cyber analytical tools such as Wireshark.You can register for the CTF at ICSJWGCTF.com starting at 10 a.m. on Saturday, April 23, 2022.

·       The CISA ICS Training updated overview will be provided on April 27. The Cyber-CHAMP© model has been created to help both IT and OT practitioners by synthesizing industry standards such as the NICE NIST Cybersecurity Workforce Framework. Specifically, the model is built to be applied at the practitioner level, accounts for any role in an organization, and can be deployed by any size or type of organization.

·       The Technical Workshop returns on April 27 with presentation topics, including Case Studies of Cyber Attack Precursors in the OT Environment, Ransomware Considerations for OT Environments, and ATT&CK in the CELR.

 

All webcasts will be recorded for on-demand viewing and review, provided the presenter has released the material for on-demand viewing.

Additional Information

For additional information, please contact us at ICSJWG.Communications@cisa.dhs.gov 

 

Cybersecurity and Infrastructure Security Agency (CISA)

U.S. Department of Homeland Security (DHS)

 

NIST has issued a Request for Information (RFI) in the Federal Register to gather information about evaluating and improving cybersecurity resources for the cybersecurity framework and cybersecurity supply chain risk management.

All relevant comments must be submitted by 04/25/2022.

• Written comments in response to this RFI may be submitted by mail to Cybersecurity Framework, National Institute of Standards and Technology, 100 Bureau Drive, Stop 2000, Gaithersburg, MD 20899.
• Online submissions in electronic form may be sent to CSF-SCRM-RFI@nist.gov. 
• Cite “RFI: Evaluating and Improving Cybersecurity Resources: The Cybersecurity Framework and Cybersecurity Supply Chain Risk Management” in all correspondence. 

The Biden-Harris Administration released its vision for the Indo-Pacific region. Its central focus is sustained and creative collaboration with allies, partners, and institutions, within the region and beyond it.

https://www.whitehouse.gov/briefing-room/speeches-remarks/2022/02/11/fact-sheet-indo-pacific-strategy-of-the-united-states/

The rising geopolitical tensions in Eastern Europe have prompted the U.S. Department of Homeland Security’s Cyber and Infrastructure Security Agency to issue a “shields up” advisory (www.cisa.gov/shields-up). The defense industrial base is one of 16 official U.S. critical infrastructure sectors. Via a Defense Department communication received this morning, we encourage you to do three things.

1. Heed the advisory.
2. Report Cyber Incidents. DFARS 252.204-7012 stipulates a contractor’s requirement to rapidly report cyber incidents impacting Covered Defense Information (CDI) and/or the ability to perform operationally critical support within 72 hours of discovery to https://dibnet.dod.mil. For questions or more information, contact DCISE (DC3.DCISE@us.af.mil or call the 24/7 Hotline at 1-877-838-2174).
3. Get Assistance and Partner. These three organizations can assist you.
   • DoD Cyber Crime Center’s (DC3) DoD- Defense Industrial Base Collaboration Information Sharing Environment (DCISE) – www.dc3.mil; DC3.DCISE@us.af.mil; 24/7 Hotline – 1-877-838-2174
   • National Security Agency’s Cybersecurity Collaboration Center (CCC) – https://www.nsa.gov/About/Cybersecurity-Collaboration-Center
   • National Defense Information Sharing and Analysis Center (ND-ISAC) – ND-ISAC is the official ISAC for the DIB Critical Infrastructure Sector recognized by DoD and DHS. The ND-ISAC is a private sector self-organized and self-governing entity; it is a trusted partner providing exceptional technical solutions and support to its members. Please email Info@NDISAC.org to contact the team or see ND-ISAC’s public-facing website at www.ndisac.org.

© 2022 National Defense Industrial Association

Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure

CISA updated an alert issued for Critical Infrastructure.  DHS Critical Infrastructure includes many of our member industries, such as:

• Defense Industrial Base
• Communications and Energy
• Critical Manufacturing, which includes automobiles

Review the alert to stay up to date on best practices recommendations.

September 21-22, 2022

Join Women in Cybersecurity for WiCyS Northern Alabama live, their first face to face event. Network with cyber professionals and learn more about WiCyS. There will be Amazon gift card giveaways. Pizza and charcuterie on WiCyS! Beverages on you! There will be alcoholic and non-alcoholic options available.

Thursday, June 10, 2021, 5:00 PM – 7:00 PM at Innerspace Brewing Company 2414 Clinton Avenue West Huntsville, AL 35805

This is a FREE event. 

----> REGISTER TODAY <-----

NAC-ISSA’s May lunch will be held live on Thursday, May 20, at 11:30AM.  We will return to 655 Discovery Drive with Walton’s Southern Table catering.  For this event, our sponsor will be virtual but you can join your peers for food and networking as we hear about Arista’s Awake security solution in the 655 Discovery auditorium.  Thank you to i3 and Allen Cloar for being our host at the facility.

Awake Security is the only advanced network detection and response solution that delivers answers, not alerts.  In the demo of Awake’s AI-driven platform we will showcase the capabilities with a demonstration of the key use cases and workflows designed to help customers speed up detection, response and remediation.

Join this session to learn:

How Awake delivers correlated, autonomous threat detection and visibility with the greatest accuracy and lowest false positive rates.

How Awake’s Ava, the world’s first AI-powered security analyst, performs autonomous threat hunting for complex threats.

How Awake optimizes the detection to response workflow while providing you with the ability to customize detection and hunting through Awake’s unique Adversarial Modeling Language.

This event will be hosted both virtually and face to face.  There are two links on the calendar so you can sign up for whichever feels right for you.

Click here for the virtual link.

Click here for the face-to-face link

If you have previously registered to attend virtually but prefer to attend in person, please register again with the face-to-face link so we can get an accurate count for catering. 

NOTE:  following this event, we anticipate moving back to our regularly scheduled third Tuesday of the month if you want to mark your calendar!

Looking forward to seeing everyone at 655 Discovery Drive on May 20! 

Cyber Huntsville 

NAC-ISSA will resume in person lunches with the April Sponsor, MarsSuite. This SIEM/asset discovery/vulnerability management/risk management tool is an essential part of your security compliance management and a great addition to your CMMC suite of solutions.  Rosies will be catering.

Register here if you plan to attend in person. There is another registration for this event if you prefer to view the demo virtually.

Location: Radiance Technology, 310 Bob Heath Drive, Huntsville, AL

Start Time: 11:30AM End Time: 12:30PM

Registration Closes On: 4/20/2021