The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
Yesterday, CISA released the “JCDC AI Cybersecurity Collaboration Playbook and Fact Sheet” to enhance information sharing between the public and private sectors in response to AI-related cyber threats. Developed in conjunction with the FBI, NSA's AI Security Center, and various industry partners including Google, IBM, and Microsoft, the playbook aims to create a “unified approach” to managing these threats.
The New York State Intelligence Center (NYSIC) recently released a TLP:CLEAR cyber intelligence bulletin titled “Best Practices to Mitigate Threat Actor Targeting of IP Cameras.” The report highlights how internet protocol (IP) cameras and other internet of things (IoT) connected devices pose a significant vulnerability for organizations that utilize them and emphasizes the need for these organizations to implement certain mitigation strategies.
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience
According to cybersecurity company Check Point, infostealers are on the rise with a 58% increase in infection attempts year-over-year.
Yesterday, CISA released their “Cybersecurity Performance Goals Adoption Report”, highlighting the benefits that the Cybersecurity Performance Goals (CPGs) have incurred on U.S. critical infrastructure. The CPGs are based on 7,791 critical infrastructure organizations enrolled in CISA’s Vulnerability Scanning service between August 1, 2022 and August 31, 2024.
Yesterday, CISA, along with11 domestic and international partners, including the European Commission, released the joint guidance “Secure by Demand: Priority Considerations for Operational Technology Owners and Operators when Selecting Digital Products”. The guide outlines how owners and operators should incorporate security measures into their procurement processes when acquiring industrial automation, control systems, and other OT products. The agencies urge organizations to focus on products that include 12 key security elements.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
