Reposted from CISA/DHS

UPCOMING EVENTS-

CISA REGION 8 QUARTERLY THREAT BRIEFING – CISA Region 8 and the DHS Office of Intelligence and Analysis (I&A) Region 8 are hosting an Unclassified Quarterly Threat Briefing Webinar. This webinar will review physical, cyber, and foreign threats to critical infrastructure and supply chain security.

Date: December 9, 2025
Time: 10 am MST
Registration Link: CISA Region 8 Quarterly Threat Briefing
See Original Post

ANNOUNCEMENTS, TOOLS, AND RESOURCES

CISA RELEASES THREE UNMANNED AIRCRAFT SYSTEMS (UAS) SECURITY GUIDANCE PRODUCT – On November 19, 2025, CISA released three new products to help critical infrastructure owners and operators understand and reduce risks from unmanned aircraft systems. Unmanned Aircraft System Detection Technology Guidance for Critical Infrastructure provides critical infrastructure owners and operators with key considerations for how to select and leverage detection technology to increase awareness of UAS activity over a facility or site. Suspicious Unmanned Aircraft System Activity Guidance for Critical Infrastructure Owners and Operators offers criteria for recognizing suspicious UAS activity and recommendations for responding appropriately.  Safe Handling Considerations for Downed Unmanned Aircraft Systems provides information on how to prepare for and respond to downed UAS that may pose a safety or security concern.
See Original Post

BULLETPROOF DEFENSE: MITIGATING RISKS FROM BULLETPROOF HOSTING PROVIDERS – On November 19, 2025, CISA, in collaboration with U.S. and international partners, released Bulletproof Defense: Mitigating Risks from Bulletproof Hosting Providers, a guide that provides internet service providers (ISPs) and network defenders with an overview of this cybercriminal activity along with key steps, best practices, and resources to protect their customers and their networks.
See Original Post

MICROSOFT EXCHANGE SERVER SECURITY BEST PRACTICES” ADVISORY – On October 30, 2025, CISA, the National Security Agency (NSA), in collaboration with international cybersecurity partners, released the "Microsoft Exchange Server Security Best Practices" guidance. This blueprint builds upon CISA’s Emergency Directive 25-02: Mitigate Microsoft Exchange Vulnerability.
See Original Post

JOINT GUIDANCE FOR SECURING OT SYSTEMS – On September 29, 2025, CISA, in collaboration with the Federal Bureau of Investigation, the United Kingdom’s National Cyber Security Centre, and other international partners released new joint cybersecurity guidance: Creating and Maintaining a Definitive View of Your Operational Technology (OT) Architecture.
See Original Post

CISA STRENGTHENS SHARED RESPONSIBILITY NATIONWIDE WITH DIRECT CYBER SUPPORT TO SLTT PARTNERS – CISA has transitioned to a new model to better equip state, local, tribal, and territorial (SLTT) governments to strengthen shared responsibility nationwide. CISA is supporting our SLTT partners with access to grant funding, no-cost tools, and cybersecurity expertise to be resilient and lead at the local level. For more information about CISA’s Cybersecurity.
See Original Post