This space will share important security and cybersecurity information from reputable sources.  ALMR takes cyber and physical security seriously to ensure continued operation of this critical system.  We encourage all ALMR users to disseminate cybersecurity information and best practices throughout your organization.

ALMR System Security:

ALMR is a closed system and provides the highest level of security to protect federal government agencies and assets operating on the system. All other agencies on the system benefit from this strict policy. In order to maintain the level of security required for federal agencies to operate on ALMR, no new products or infrastructure may be added to the system without completing the System Change Request process (see procedure 400-3), having the request reviewed from a security and technical standpoint, and obtaining approval from the Executive Council. Agencies should never purchase a product without contacting the Operations Management Office or the System Management Office first, completing the change request form, and receiving the required approval.

Disclaimer:  The listing on this page is solely for the benefit of user agencies.  Links are provided for the information, when available (which is the title or contained within quotation marks in some cases) to access the available information.


10/7/2024

Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) Update

Ahead of mandatory rules, CISA unveils new cyber incident reporting portal. 

Scroll down this page for more info and the portal link.

Voluntary Cyber Incident Reporting | CISA

CISA asks every organization and entity that experiences a cyber incident report it to CISA. 

Regardless of whether an organization is, or may later be, subject to regulatory cyber incident reporting requirements, reporting cyber incidents to CISA today benefits all of us across government and industry since cyber incidents have the potential to impact the economy, public health, and our national security.  It also helps inform our collective understanding of the national cyber threat landscape. Cyber incident reporting:

  • Enables rapid identification of ongoing incidents and increased understanding of successful mitigation measures, thereby increasing the ability of impacted entities and the Federal government to respond to ongoing campaigns faster and mitigate or minimize the consequences that could result from them.
  • Facilitates the identification and sharing of information on exploited vulnerabilities and measures that can be taken to address those vulnerabilities, thereby enabling entities with un-remediated and unmitigated vulnerabilities on their systems to take steps to remedy or mitigate those vulnerabilities before they also fall victim.
  • Supports CISA’s ability to share information to enable non-Federal and Federal partners to detect and counter sophisticated cyber campaigns earlier, with the potential to avoid or minimize negative impacts to critical infrastructure or national security, thereby reducing the risks associated with those campaigns. 
  • Contributes to a more accurate and comprehensive understanding of the cyber threat environment, allowing CISA’s Federal and non-Federal stakeholders to more efficiently and effectively allocate resources to prevent, deter, defend against, respond to, and mitigate significant cyber threats.
  • Supports sharing of information about common threat actor tactics, techniques, and procedures with the information technology community, enabling software developers and vendors to develop more secure products or send out updates to add security to existing products, better protecting end users.
  • Allows law enforcement entities to use reported information to investigate, identify, and prosecute perpetrators of cybercrime, getting malicious cyber actors off the street and deterring future actors. 
  • Enhances CISA’s ability to identify trends and track cyber threat activity across the cyber threat landscape beyond the Federal agencies that are required to report information to CISA.

Our lives and our work have become increasingly digitized. Web-enabled services and inter-connected devices offer significant efficiencies but also increase exposure to cyber actors seeking to exploit vulnerabilities. Today, nation-state backed cyber actors, cyber criminals, and other threat actors have much wider opportunities to sneak into networks and steal or ransom sensitive information and critical data, position themselves to disrupt service at a time of their choosing, and otherwise wreak havoc.  Compounding the risk is rapidly advancing technology like artificial intelligence, which can make it faster and easier for adversaries to conduct cyber incidents.

CISA has unveiled a streamlined service for reporting cyber incidents, as CISA gears up for new reporting requirements to take effect as soon as next year. CISA Services Portal and Voluntary Cyber Incident Reporting webpage, with resources and frequently asked questions, is now live

The Cybersecurity and Infrastructure Security Agency (CISA) announces its cyber incident reporting form moved to the new CISA Services Portal as part of its ongoing effort to improve cyber incident reporting.

The Portal is a secure platform with enhanced functionality for cyber incident reporting, including integration with login.gov credentials. The portal’s enhanced functionality includes the ability to save and update reports, share submitted reports with colleagues or clients for third-party reporting, and search and filter reports. A new collaboration feature allows users to engage in informal discussions with CISA.

“Any organization experiencing a cyber attack or incident should report it – for its own benefit, and to help the broader community. CISA and our government partners have unique resources and tools to aid with response and recovery, but we can’t help if we don’t know about an incident,” said CISA Executive Assistant Director for Cybersecurity Jeff Greene. “Sharing information allows us to work with our full breadth of partners so that the attackers can’t use the same techniques on other victims, and can provide insight into the scale of an adversary’s campaign. CISA is excited to make available our new portal with improved functionality and features for cyber reporting.”

To guide incident reporters through the reporting process, CISA also released a voluntary cyber incident reporting resource. It helps entities understand “who” should report an incident, “why and when” they should report, as well as “what and how to report.” Several resources to reduce cyber risk are also available.

CISA encourages all organizations to take advantage of its new streamlined portal and voluntarily report cyber incidents.

Click on links located within the quotation marks “CISA Services Portal” and “Voluntary Cyber Incident Reporting Resource,” for more information.

 

10/7/2024

Quarterly Cybersecurity Webinars Schedule

 

10/19/23

The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), and Multi-State Information Sharing and Analysis Center (MS-ISAC) are releasing this joint guide to outline phishing techniques malicious actors commonly use and to provide guidance for both network defenders and software manufacturers. This will help to reduce the impact of phishing attacks in obtaining credentials and deploying malware.

Social engineering is the attempt to trick someone into revealing information (e.g., a password) or taking an action that can be used to compromise systems or networks. Phishing is a form of social engineering where malicious actors lure victims (typically via email) to visit a malicious site or deceive them into providing login credentials. Malicious actors primarily leverage phishing for:

  • Obtaining login credentials. Malicious actors conduct phishing campaigns to steal login credentials for initial network access.
  • Malware deployment. Malicious actors commonly conduct phishing campaigns to deploy malware for follow-on activity, such as interrupting or damaging systems, escalating user privileges, and maintaining persistence on compromised systems.

The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), and Multi-State Information Sharing and Analysis Center (MS-ISAC) are releasing this joint guide to outline phishing techniques malicious actors commonly use and to provide guidance for both network defenders and software manufacturers. This will help to reduce the impact of phishing attacks in obtaining credentials and deploying malware.

The guidance for network defenders is applicable to all organizations but may not be feasible for organizations with limited resources. Therefore, this guide includes a section of tailored recommendations for small-and medium-sized businesses and agencies  that may not have the resources to hire IT staff dedicated to a constant defense against phishing threats.

Phishing Guidance: Stopping the Attack Cycle at Phase One | CISA

 

10/4/23

On September 28, the Cybersecurity and Infrastructure Security Agency (CISA) kicked off the 20th Cybersecurity Awareness Month. In tandem, CISA also launched a new, enduring cybersecurity awareness program known as “Secure Our World.” The Secure Our World program promotes behavioral change in all Americans, with a particular focus on how individuals, families and small to medium-sized businesses can Secure Our World by focusing on four critical actions: using strong passwords and a password manager, turning on multifactor authentication (MFA), recognizing and reporting phishing, and updating software. It also asks technology manufacturers to Secure our Products by designing products that are cybersecure right out of the box. Secure Our World is the theme for this year’s Cybersecurity Awareness Month and will remain the enduring theme for future awareness month campaigns.

 This October and year-round, CISA challenges everyone to help secure our world by adopting four simple steps that everyone can take to stay safe online:

 ·       Use strong passwords that are long, random, and unique to each account, and use a password manager to generate them and to save them.

·       Turn on multifactor authentication on all accounts that offer it. We need more than a password on our most important accounts, like email, social media, and financial accounts.

·       Recognize and report phishing, as we like to say, think before you click. Be cautious of unsolicited emails or texts or calls asking you for personal information, and don’t click on links or open attachments from unknown sources.

·       Update software. In fact, enable automatic updates on software so the latest security patches keep devices we are connected to continuously up to date.

Additionally, as part of the effort to Secure Our World, we offer resources and tips:

 ·       For individuals and families, the Secure Our World program emphasizes the importance of securing personal accounts, offering guidance on personal device safety, safe internet browsing practices, social media usage, and protecting personal information online. 

·       Small and medium-sized businesses (SMBs) face unique challenges, so we are working to help them Secure Our World by offering tools and resources that can help keep their businesses, employees, customers and, ultimately, our communities safer.

·       Tech manufacturers can Secure Our World by implementing security features built-in by design. Default settings should have the highest security measures implemented, and individuals can manually bypass security features if they don’t want them. Users should not have to opt-in to necessary security measures to make their products safe to use. Products should be safe for end users right out of the box.

 By committing to safe online behaviors, we can easily minimize or prevent cybercriminals and hackers from infiltrating our devices and online accounts. 

CISA encourages everyone to explore the resources on our Cybersecurity Awareness Month website, which include a toolkit, tip sheets, and animated videos.

 

Related Posts

If you enjoyed reading this, then please explore our other articles below: