The Cybersecurity and Infrastructure Security Agency (CISA) has released a Cybersecurity Essentials Toolkit that provides leadership at organizations with resources to help reduce cyber risks through actions and activities that build and sustain a culture of cybersecurity. CISA is a government agency that leads the effort to enhance the security, resiliency, and reliability of the Nation's cybersecurity and communications infrastructure.

 

The kit provides resources to help you:

Download the CyberEssentials Toolkit from CISA here: Cyber Essentials Toolkit 1_FINAL_20200529_508 (002)-2-32.pdf

 

F5 Networks recently published a security advisory warning customers to patch a dangerous security flaw impacting the company's BIG-IP product, which is used in government networks all over the world, on the networks of internet service providers, inside cloud computer data centers, and widely across enterprise networks. The vulnerability is so dangerous that it received a 10 out of 10 score on the Common Vulnerability Scoring System Version 3 (CVSSv3) vulnerability severity scale because it is easy to exploit, automate, can be used over the internet, and doesn't require valid credentials or advanced coding skills to take advantage of. Learn how to patch the F5 BIG-IP critical vulnerability with the steps listed here: ECAW-177-2020 - Critical vulnerability in F5 BIG-IP-2-32.pdf

 

CISA provides cybersecurity notices and alerts that can help you stay abreast of new potential threats to your organization. Sign up for their alerts here.

 

Operators can design, plan, and execute their own cybersecurity tabletop and full scale exercises using EXIS scenarios or by creating their own to find and mitigate potential security vulnerabilities unique to their organizations. EXIS also contains a repository of best practices and lessons learned from previous transportation exercises for all threat types, including cybersecurity, that can be leveraged to improve security.