2 nd Cybersecurity Workshop Test and Evaluation to Meet the Advanced Persistent Threat
|
|
- Steven Richardson
- 5 years ago
- Views:
Transcription
1 2 nd Cybersecurity Workshop Test and Evaluation to Meet the Advanced Persistent Threat Faye Francy Aviation ISAC February 2015
2 Company Organization Corporate Defense, Space & Security Boeing Capital Corporation Engineering, Operations & Technology Shared Services Group Commercial Airplanes R&D, BTE & IT Founded in 1916 in Seattle Became a leading producer of military and commercial airplanes
3 T&E Approach Testing Early interaction with design teams (validate requirements, test objectives, testability) Simulate cyber properties before prototypes/hardware available Corporate Test Capabilities (dedicated networks, labs for LRUs, virtual cyber range) Tailored to Domain and End Users Internal IT: protect Intellectual Property (static/dynamic code analysis, pen testing+) Military: Contract requirements, need clear RFP guidance, especially DT&E Commercial Air: Safety driven (DO178-C); need security certification guidance Threat-Based Test Planning and Beyond Understand the threat (specific to the environment) Determine what to test, how to test Share Threat Data with Industry more on this. Tactically Important Operational test and evaluation (OT&E), Pen/Red Expensive (Time, $$$: need more trained personnel) Hard Sell to Management (need requirements from customers) 3
4 Airplane Technology is Evolving Global Mobility is a Requirement Hardware functions transitioning to software- hosted features Advanced features added to airplane ~ 28MB Connectivity demands increasing Resilient systems a requirement Software assurance, systems engineering, supply chain risk Connectivity 2010 None Ku L Band Air/Gnd Connectivity Ku Data Transmitted Ka (MB / Flight) None L Band Air/Gnd 4
5 Guiding Principles Build it Right, Continuously Monitor Airplanes are Safe Design guidelines / Test protocols Cyber Issue Papers FAA regulatory compliance Special Conditions Layered protection FAR Equipment, Systems, & Installations Critical, Essential, Non-Essential Failure modes Domain separation Configuration control Actively manage Fault reporting Log analysis Information sharing 5
6 Advanced Persistent Threat An Adversary that Possesses significant levels of expertise / resources Creates opportunities to achieve its objectives by using multiple attack vectors (e.g. cyber, physical) Establishes footholds within networked architecture systems To exfiltrate information Impede critical mission or program objectives Position itself to carry out objectives later Critical to Protect Aircraft Design and IP 6
7 The Threat A National Security Issue Rapidly escalating cyber threats Executive action Executive Order 13636: Improving Critical Infrastructure Cybersecurity Presidential Policy Directive 21: Critical Infrastructure Security and Resilience Comprehensive Global approach Resiliency for our Critical Infrastructures Cybersecurity is a National Security Issue Now our enemies are also seeking the ability to sabotage our power grid, our financial institutions, and our air traffic control systems. Feb, 2013
8 Promoting Private Sector Cybersecurity Information Sharing Executive Order (EO) 2/13/15 Encourages the formation of communities to share information broadly across regions, sectors and industries, and to rapidly respond to emerging threats. Voluntary establishment of Information Sharing and Analysis Organizations (ISAOs), includes Information Sharing & Analysis Centers (ISACs) Open and collaborative approach Omni-directional communication Bridges gap between the public/private sector Voluntary standards for sharing. Efficient means for granting clearances Working Together is Critical 8
9 Newly-formed Aviation ISAC Working Together across the Aviation Sector Incorporated September 2014 Building membership International engagement Leveraging other ISACs Services Available Focused Intelligence Information/Briefings Cyber-Physical Integration Member to Member Sharing Distribute Information Gathering Costs across the Sector and with other Sectors Non-attribution and Anonymity of Submissions Information source for the entire organization Risk mitigation for aviation sector Comparative advantage in risk mitigation Security and Resiliency National Council of ISACs 9
10 Operational Model for A-ISAC Shared Situational Awareness across Aviation Sector Establish 3 rd party organization dedicated to Aviation Focus on cyber & physical threats to aviation Fusion of private sector & USG info NCCIC Cross Sector Awareness ADIAC Intel sharing focused on Aviation A-ISAC Dissemination private sector / share anonymously Intelligence watch floor for sector intel Analysis, production, reporting of threats / intel Protocols for info sharing & attribution (TLP) Virtual, leveraging partners analytical capabilities Info sharing roles & responsibilities Collection & sharing of member reporting Dissemination of USG reporting Liaise with USG Coordinate with ISACs from other critical infrastructure sectors Disseminate timely, actionable intelligence to Aviation Sector 10
11 A-ISAC Info Sharing Relationships Timely, Actionable Intelligence, Anonymized A-ISAC Members General Airlines Aviation Air Cargo Service Airports Providers Suppliers Manufacturers MROs- FBOs Industry Associations Anonymized 10 Members Incident reporting Tips / field reports TLP A-ISAC Intelligence Incident reporting Trends & analysis TLP Govt & All Other Gov & All Other Open Sources Other Industries & Sectors Other Info Sharing Orgs - NCI NCCIC ADIAC Other Govt VOLUNTARY Anonymized Urgent alerts & indicators Intelligence reports Best practices Mitigation strategies Analyzes, aggregates, fuses information Filters & selects for Aviation relevance Protects member info & attribution (TLP) Creates alerts & analysis for members Coordinates response & recovery Interfaces with Gov / other sectors Aviation expertise Indicators Incident reports Mitigation actions January
12 Resilient / Trustworthy Systems Essential The Connected Airplane is here Interoperability / Interconnections - shifting the paradigm Working Together across all disciplines is essential Our Network Strategy is driving A common cross model airborne infrastructure Common off-board communications links Common ground interfaces Application & service offerings Addressing Cybersecurity is essential New territory for regulators and private sector Will drive service model to a push for in-service support A Working Together Model is key Leveraging all stakeholders across the community Cyber security must be embedded across the aviation ecosystem Cybersecurity must be addressed throughout the lifecycle
13 Summary The Trajectory Shared Situational Awareness and Collaboration Trusted environment for anonymized information sharing and collaboration Shared situational awareness Focused, actionable intelligence Global engagement Greater responsiveness and resilience Reduced business risk A Resilient Global Aviation Transportation System
14 Copyright 2013 Boeing. All rights reserved. Thank you!
15 Contact Information The Trajectory Safe, Secure, Efficient and Resilient Global Air Transportation System Faye Francy, Executive Director Terrance Kirk, Operations Manager Douglas Blough, Senior Analyst Candice Burke, Secretary Working Together Across the Aviation System For A Resilient Global Aviation Transportation System cburke@a-isac.com
16 A-ISAC Press Release (September, 2014) Industry players join to improve global aviation security Annapolis Junction, MD, September 29, 2014 Private companies in the aviation sector are collaborating to create a means for analyzing and sharing information about physical and cyber security threats across the industry. Seven airlines and manufacturers have established the Aviation Information Sharing & Analysis Center (A-ISAC), a non-profit organization based in Annapolis Junction, MD. A-ISAC will function as a specialized forum for managing security risks to the aviation industry as well as those encountered by companies directly linked to the broader aviation infrastructure. A-ISAC will create a framework for government and industry stakeholders to enhance existing intelligence resources through quick and efficient information sharing. The Center also will establish initiatives to improve incident response time to security threats and be active in the development of policies on security, incident response, and information sharing issues. About A-ISAC - The Aviation Information Sharing & Analysis Center, formed in 2014, is a non-profit and private aviation sector initiative. It was created and developed in conjunction with the Aviation Sector Coordinating Council and members from across the aviation industry. Its primary function is to allow member firms to share timely, relevant and actionable physical and cyber security information and analysis pertaining to threats, vulnerabilities and incidents. The A-ISAC also enables collaboration between member firms and government. 16
Cyber Security on Commercial Airplanes
Cyber Security on Commercial Airplanes John Craig Chief Engineer Cabin and Network Systems The Boeing Company October 2014 1 Top ten tips Richard A. Clarke 1. Don t be in denial 2. Don t underestimate
More informationISAO SO Product Outline
Draft Document Request For Comment ISAO SO 2016 v0.2 ISAO Standards Organization Dr. Greg White, Executive Director Rick Lipsey, Deputy Director May 2, 2016 Copyright 2016, ISAO SO (Information Sharing
More informationImplementing the Administration's Critical Infrastructure and Cybersecurity Policy
Implementing the Administration's Critical Infrastructure and Cybersecurity Policy Cybersecurity Executive Order and Critical Infrastructure Security & Resilience Presidential Policy Directive Integrated
More informationMedical Device Cybersecurity: FDA Perspective
Medical Device Cybersecurity: FDA Perspective Suzanne B. Schwartz MD, MBA Associate Director for Science and Strategic Partnerships Office of the Center Director (OCD) Center for Devices and Radiological
More informationGreg Garcia President, Garcia Cyber Partners Former Assistant Secretary for Cyber Security and Communications, U.S. Department of Homeland Security
1 Greg Garcia President, Garcia Cyber Partners Former Assistant Secretary for Cyber Security and Communications, U.S. Department of Homeland Security 2 Government Services 3 Business Education Social CYBERSPACE
More informationDHS Cybersecurity: Services for State and Local Officials. February 2017
DHS Cybersecurity: Services for State and Local Officials February 2017 Department of Established in March of 2003 and combined 22 different Federal departments and agencies into a unified, integrated
More informationFramework for Improving Critical Infrastructure Cybersecurity
Framework for Improving Critical Infrastructure Cybersecurity November 2017 cyberframework@nist.gov Supporting Risk Management with Framework 2 Core: A Common Language Foundational for Integrated Teams
More informationIndustry role moving forward
Industry role moving forward Discussion with National Research Council, Workshop on the Resiliency of the Electric Power Delivery System in Response to Terrorism and Natural Disasters February 27-28, 2013
More informationDHS Cybersecurity. Election Infrastructure as Critical Infrastructure. June 2017
DHS Cybersecurity Election Infrastructure as Critical Infrastructure June 2017 Department of Homeland Security Safeguard the American People, Our Homeland, and Our Values Homeland Security Missions 1.
More informationCritical Infrastructure Sectors and DHS ICS CERT Overview
Critical Infrastructure Sectors and DHS ICS CERT Overview Presented by Darryl E. Peek II REGIONAL INTELLIGENCE SEMINAR AND NATIONAL SECURITY FORUM 2 2 Authorities and Related Legislation Homeland Security
More informationCybersecurity-Related Information Sharing Guidelines Draft Document Request For Comment
Cybersecurity-Related Information Sharing Guidelines Draft Document Request For Comment SWG G 3 2016 v0.2 ISAO Standards Organization Standards Working Group 3: Information Sharing Kent Landfield, Chair
More informationThe Key Principles of Cyber Security for Connected and Automated Vehicles. Government
The Key Principles of Cyber Security for Connected and Automated Vehicles Government Contents Intelligent Transport System (ITS) & Connected and Automated Vehicle (CAV) System Security Principles: 1. Organisational
More informationHPH SCC CYBERSECURITY WORKING GROUP
HPH SCC A PRIMER 1 What Is It? The cross sector coordinating body representing one of 16 critical infrastructure sectors identified in Presidential Executive Order (PPD 21) A trust community partnership
More informationCYBER SECURITY AIR TRANSPORT IT SUMMIT
CYBER SECURITY AIR TRANSPORT IT SUMMIT SHARING GOOD PRACTICES VIVIEN EBERHARDT, SITA CYBER SECURITY CYBER SECURITY AIR TRANSPORT IT SUMMIT SHARING GOOD PRACTICES VIVIEN EBERHARDT, SITA CYBER SECURITY CYBER
More informationTestimony. Christopher Krebs Director Cybersecurity and Infrastructure Security Agency U.S. Department of Homeland Security FOR A HEARING ON
Testimony Christopher Krebs Director Cybersecurity and Infrastructure Security Agency U.S. Department of Homeland Security FOR A HEARING ON Defending Our Democracy: Building Partnerships to Protect America
More informationCyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS
Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS Continual disclosed and reported
More informationDecember 10, Statement of the Securities Industry and Financial Markets Association. Senate Committee on Banking, Housing, and Urban Development
December 10, 2014 Statement of the Securities Industry and Financial Markets Association Senate Committee on Banking, Housing, and Urban Development Hearing Entitled Cybersecurity: Enhancing Coordination
More informationInformation Technology Information Sharing and Analysis Center. First Symposium Barcelona, Spain Feb. 2, 2011
Information Technology Information Sharing and Analysis Center First Symposium Barcelona, Spain Feb. 2, 2011 About Us Non Profit, US Corporation established in 2000 and operational in 2001 Fully funded
More informationSTRENGTHENING THE CYBERSECURITY OF FEDERAL NETWORKS AND CRITICAL INFRASTRUCTURE
STRENGTHENING THE CYBERSECURITY OF FEDERAL NETWORKS AND CRITICAL INFRASTRUCTURE By the authority vested in me as President by the Constitution and the laws of the United States of America, it is hereby
More informationPanelists. Moderator: Dr. John H. Saunders, MITRE Corporation
SCADA/IOT Panel This panel will focus on innovative & emerging solutions and remaining challenges in the cybersecurity of industrial control systems ICS/SCADA. Representatives from government and infrastructure
More informationInnovation policy for Industry 4.0
Innovation policy for Industry 4.0 Remarks from Giorgio Mosca Chair of Cybersecurity Steering Committee Confindustria Digitale Director Strategy & Technologies - Security & IS Division, Leonardo Agenda
More informationOverview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013
Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013 PPD-21: CI Security and Resilience On February 12, 2013, President Obama signed Presidential Policy Directive
More informationStatement for the Record
Statement for the Record of Seán P. McGurk Director, Control Systems Security Program National Cyber Security Division National Protection and Programs Directorate Department of Homeland Security Before
More informationCOUNTERING IMPROVISED EXPLOSIVE DEVICES
COUNTERING IMPROVISED EXPLOSIVE DEVICES FEBRUARY 26, 2013 COUNTERING IMPROVISED EXPLOSIVE DEVICES Strengthening U.S. Policy Improvised explosive devices (IEDs) remain one of the most accessible weapons
More informationThe NIST Cybersecurity Framework
The NIST Cybersecurity Framework U.S. German Standards Panel 2018 April 10, 2018 Adam.Sedgewick@nist.gov National Institute of Standards and Technology About NIST Agency of U.S. Department of Commerce
More informationThe Role of the ISACs in Critical Infrastructure Resilience Presented by Steve Lines Executive Director Defense Industrial Base Information Sharing
The Role of the ISACs in Critical Infrastructure Resilience Presented by Steve Lines Executive Director Defense Industrial Base Information Sharing Analysis Center DIB ISAC December 18, 2014 Why ISACs?
More informationU.S. Department of Homeland Security Office of Cybersecurity & Communications
U.S. Department of Homeland Security Office of Cybersecurity & Communications Council of State Governments Cybersecurity Session November 3, 2017 Cybersecurity & Communications (CS&C) CS&C s Mission ensure
More informationDepartment of Homeland Security Updates
American Association of State Highway and Transportation Officials Special Committee on Transportation Security and Emergency Management 2016 Critical Infrastructure Committee Joint Annual Meeting Department
More informationSecurity Monitoring Engineer / (NY or NC) Director, Information Security. New York, NY or Winston-Salem, NC. Location:
Position: Reports to: Location: Security Monitoring Engineer / (NY or NC) Director, Information Security New York, NY or Winston-Salem, NC Position Summary: The Clearing House (TCH) Information Security
More informationGlobal Resilience Federation Trust. Collaboration. Community. Cindy Donaldson President, Global Resilience Federation October 2017
Global Resilience Federation Trust. Collaboration. Community. Cindy Donaldson President, Global Resilience Federation October 2017 Global Resilience Federation is a non-profit organization committed to
More informationAdvanced Technology Academic Research Council Federal CISO Summit. Ms. Thérèse Firmin
Advanced Technology Academic Research Council Federal CISO Summit Ms. Thérèse Firmin Acting Deputy DoD CIO Cyber Security Department of Defense 25 January 2018 2 Overview Secretary Mattis Priorities Cybersecurity
More informationCyber Security & Homeland Security:
Cyber Security & Homeland Security: Cyber Security for CIKR and SLTT Michael Leking 19 March 2014 Cyber Security Advisor Northeast Region Office of Cybersecurity and Communications (CS&C) U.S. Department
More informationElectricity Sub-Sector Coordinating Council Charter FINAL DISCUSSION DRAFT 7/9/2013
Electricity Sub-Sector Coordinating Council Charter FINAL DISCUSSION DRAFT 7/9/2013 Purpose and Scope The purpose of the Electricity Sub-Sector Coordinating Council (ESCC) is to facilitate and support
More informationGPS Vulnerability and DHS Mitigation Efforts. David Wulf Acting Deputy Assistant Secretary Infrastructure Protection Department of Homeland Security
GPS Vulnerability and DHS Mitigation Efforts David Wulf Acting Deputy Assistant Secretary Infrastructure Protection Department of Homeland Security The Office of Infrastructure Protection National Protection
More informationAGENCY: National Weather Service, National Oceanic and Atmospheric Administration, U.S.
This document is scheduled to be published in the Federal Register on 04/20/2018 and available online at https://federalregister.gov/d/2018-08336, and on FDsys.gov Billing Code 3510-KE-P DEPARTMENT OF
More informationMCGILL UNIVERSITY/PEOPIL CONFERENCE DUBLIN OCTOBER 2018
Cyber Security: Airport risk and liability Jean-Michel Fobe Adrian Cioranu MCGILL UNIVERSITY/PEOPIL Conference on International Aviation & Liability DUBLIN 19-20 Airport cybersecurity concerns Airport
More informationImplementing Executive Order and Presidential Policy Directive 21
March 26, 2013 Implementing Executive Order 13636 and Presidential Policy Directive 21 Mike Smith, Senior Cyber Policy Advisor, Office of Electricity Delivery and Energy Reliability, Department of Energy
More informationMaintaining Resiliency Within the Defense Industrial Base Through Preparedness Response and Recovery
Maintaining Resiliency Within the Defense Industrial Base Through Preparedness Response and Recovery Dave Komendat Chief Security Officer The Boeing Company What We Do Today Design, assemble and support
More informationTechnical Conference on Critical Infrastructure Protection Supply Chain Risk Management
Technical Conference on Critical Infrastructure Protection Supply Chain Risk Management Remarks of Marcus Sachs, Senior Vice President and the Chief Security Officer North American Electric Reliability
More informationENISA EU Threat Landscape
ENISA EU Threat Landscape 24 th February 2015 Dr Steve Purser ENISA Head of Department European Union Agency for Network and Information Security www.enisa.europa.eu Agenda ENISA Areas of Activity Key
More informationRICK RAMPOLLA WHO WE ARE. ITDM Security Operations, Publix Super Markets Inc.
RICK RAMPOLLA ITDM Security Operations, Publix Super Markets Inc. Intelligence shared through the R-CISC has played a key role in our efforts to combat cyber threats. We can directly correlate the value
More informationICS-CERT Year in Review. Industrial Control Systems Cyber Emergency Response Team
ICS-CERT Year in Review Industrial Control Systems Cyber Emergency Response Team 2012 What s Inside Welcome 1 Organization 3 Outreach 4 Industrial Control Systems Joint Working Group 5 Advanced Analytical
More informationInformation Collection Request: The Department of Homeland. Security, Stakeholder Engagement and Cyber Infrastructure
This document is scheduled to be published in the Federal Register on 07/18/2017 and available online at https://federalregister.gov/d/2017-15068, and on FDsys.gov 9110-9P P DEPARTMENT OF HOMELAND SECURITY
More informationNational Policy and Guiding Principles
National Policy and Guiding Principles National Policy, Principles, and Organization This section describes the national policy that shapes the National Strategy to Secure Cyberspace and the basic framework
More informationIncentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO
White Paper Incentives for IoT Security May 2018 Author: Dr. Cédric LEVY-BENCHETON, CEO Table of Content Defining the IoT 5 Insecurity by design... 5 But why are IoT systems so vulnerable?... 5 Integrating
More informationThe Office of Infrastructure Protection
The Office of Infrastructure Protection National Protection and Programs Directorate Department of Homeland Security Organisation for the Prohibition of Chemical Weapons September 13, 2011 Overall Landscape
More informationSuzanne B. Schwartz, MD, MBA Director Emergency Preparedness/Operations & Medical Countermeasures (EMCM Program) CDRH/FDA
Preventing the Unthinkable: Issues in MedTech Cyber Security Trends and Policies MassMEDIC Cambridge, Mass Thursday Oct 1, 2015 Suzanne B. Schwartz, MD, MBA Director Emergency Preparedness/Operations &
More informationMEDICAL DEVICE CYBERSECURITY: FDA APPROACH
MEDICAL DEVICE CYBERSECURITY: FDA APPROACH CYBERMED SUMMIT JUNE 9TH, 2017 SUZANNE B. SCHWARTZ, MD, MBA ASSOCIATE DIRECTOR FOR SCIENCE & STRATEGIC PARTNERSHIPS CENTER FOR DEVICES AND RADIOLOGICAL HEALTH
More informationDepartment of Defense. Installation Energy Resilience
Department of Defense Installation Energy Resilience Lisa A. Jung DASD (Installation Energy) OASD(Energy, Installations and Environment) 19 June 2018 Installation Energy is Energy that Powers Our Military
More informationUpdates to the NIST Cybersecurity Framework
Updates to the NIST Cybersecurity Framework NIST Cybersecurity Framework Overview and Other Documentation October 2016 Agenda: Overview of NIST Cybersecurity Framework Updates to the NIST Cybersecurity
More informationThe National Medical Device Information Sharing & Analysis Organization (MD-ISAO) Initiative Session 2, February 19, 2017 Moderator: Suzanne
The National Medical Device Information Sharing & Analysis Organization (MD-ISAO) Initiative Session 2, February 19, 2017 Moderator: Suzanne Schwartz, Assoc. Dir., CDRH, FDA Denise Anderson, MBA, President,
More informationGrid Security & NERC. Council of State Governments. Janet Sena, Senior Vice President, Policy and External Affairs September 22, 2016
Grid Security & NERC Council of State Governments The Future of American Electricity Policy Academy Janet Sena, Senior Vice President, Policy and External Affairs September 22, 2016 1965 Northeast blackout
More informationIntegrated C4isr and Cyber Solutions
Integrated C4isr and Cyber Solutions When Performance Matters L3 Communication Systems-East provides solutions in the C4ISR and cyber markets that support mission-critical operations worldwide. With a
More informationThe Office of Infrastructure Protection
The Office of Infrastructure Protection National Protection and Programs Directorate Department of Homeland Security Regional Resiliency Assessment Program 2015 State Energy Risk Assessment Workshop April
More informationFAA Cybersecurity Test Facility (CyTF) By: Enterprise Information Security Team ANG-B31 Patrick Hyle, William J Hughes Technical Center
FAA Cybersecurity Test Facility (CyTF) By: Enterprise Information Security Team ANG-B31 Patrick Hyle, William J Hughes Technical Center Date: 08 August, 2016 1 2 3 4 5 6 7 8 2 FAA Provides Aviation Portion
More informationElection Infrastructure Security: The How and Why of It
Election Infrastructure Security: The How and Why of It Minnesota County Auditor Election Training Conference May 3, 2018 Contents Election Infrastructure Security Overview Cyber and Physical Security
More informationBriefing to National Association of Regulatory Utility Commissioners
Critical Infrastructure Threat Information Sharing Framework Briefing to National Association of Regulatory Utility Commissioners February 12, 2017 The Info Sharing Problem 2 Because I m a Government Employee
More informationNATIONAL DEFENSE INDUSTRIAL ASSOCIATION Homeland Security Symposium
NATIONAL DEFENSE INDUSTRIAL ASSOCIATION Homeland Security Symposium Securing Cyber Space & America s Cyber Assets: Threats, Strategies & Opportunities September 10, 2009, Crystal Gateway Marriott, Arlington,
More informationPOSITION DESCRIPTION
POSITION DESCRIPTION Engagement Manager Unit/Branch, Directorate: Location: Outreach & Engagement, Information Assurance and Cyber Security Directorate Auckland Salary range: H $77,711 - $116,567 Purpose
More informationThe NIS Directive and Cybersecurity in
The NIS Directive and Cybersecurity in ehealth Dr. Athanasios Drougkas Officer in NIS Belgian Hospitals Meeting on Security Brussels 13 th October European Union Agency For Network And Information Security
More informationPIPELINE SECURITY An Overview of TSA Programs
PIPELINE SECURITY An Overview of TSA Programs Jack Fox Pipeline Industry Engagement Manager Surface Division Office of Security Policy & Industry Engagement May 5, 2014 TSA and Pipeline Security As the
More informationWhy you should adopt the NIST Cybersecurity Framework
Why you should adopt the NIST Cybersecurity Framework It s important to note that the Framework casts the discussion of cybersecurity in the vocabulary of risk management Stating it in terms Executive
More informationRegional Workshop on Frameworks for Cybersecurity and CIIP Feb 2008 Doha, Qatar
Regional Workshop on Frameworks for Cybersecurity and CIIP 18 21 Feb 2008 Doha, Qatar A National Cybersecurity Strategy aecert Roadmap Eng. Fatma Bazargan aecert Project Manager Technical Affairs Department
More informationRocky Mountain Cyberspace Symposium 2018 DoD Cyber Resiliency
Rocky Mountain Cyberspace Symposium 2018 DoD Cyber Resiliency Mr. Ed Brindley Acting Deputy Cyber Security Department of Defense 7 March 2018 SUPPORT THE WARFIGHTER 2 Overview Secretary Mattis Priorities
More informationExecutive Order on Coordinating National Resilience to Electromagnetic Pulses
Executive Order on Coordinating National Resilience to Electromagnetic Pulses The Wh... Page 1 of 11 EXECUTIVE ORDERS Executive Order on Coordinating National Resilience to Electromagnetic Pulses INFRASTRUCTURE
More informationControl Systems Cyber Security Awareness
Control Systems Cyber Security Awareness US-CERT Informational Focus Paper July 7, 2005 Produced by: I. Purpose Focus Paper Control Systems Cyber Security Awareness The Department of Homeland Security
More informationTexas Reliability Entity, Inc. Strategic Plan for 2017 TEXAS RE STRATEGIC PLAN FOR 2017 PAGE 1 OF 13
Texas Reliability Entity, Inc. Strategic Plan for 2017 TEXAS RE STRATEGIC PLAN FOR 2017 PAGE 1 OF 13 I. Vision A highly reliable and secure bulk power system in the Electric Reliability Council of Texas
More informationThe Office of Infrastructure Protection
The Office of Infrastructure Protection National Protection and Programs Directorate Department of Homeland Security Protective Security Coordination Division Overview ND Safety Council Annual Conference
More informationSYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security
SYMANTEC: SECURITY ADVISORY SERVICES Symantec Security Advisory Services The World Leader in Information Security Knowledge, as the saying goes, is power. At Symantec we couldn t agree more. And when it
More informationIncident Response Services
Services Enhanced with Supervised Machine Learning and Human Intelligence Empowering clients to stay one step ahead of the adversary. Secureworks helps clients enable intelligent actions to outsmart and
More informationCybersecurity Presidential Policy Directive Frequently Asked Questions. kpmg.com
Cybersecurity Presidential Policy Directive Frequently Asked Questions kpmg.com Introduction On February 12, 2013, the White House released the official version of the Presidential Policy Directive regarding
More informationDEVELOP YOUR TAILORED CYBERSECURITY ROADMAP
ARINC cybersecurity solutions DEVELOP YOUR TAILORED CYBERSECURITY ROADMAP Getting started is as simple as assessing your baseline THE RIGHT CYBERSECURITY SOLUTIONS FOR YOUR UNIQUE NEEDS Comprehensive threat
More informationCOUNTERING IMPROVISED EXPLOSIVE DEVICES
COUNTERING IMPROVISED EXPLOSIVE DEVICES FEBRUARY 26, 2013 Report Documentation Page Form Approved OMB No. 0704-0188 Public reporting burden for the collection of information is estimated to average 1 hour
More informationCybersecurity program & best practices
Cybersecurity program & best practices How Gogo Business Aviation secures its airborne networks and inflight internet systems Live Webinar Thursday, September 28, 2017 Welcome & housekeeping notes Webinar
More informationInformation Technology Branch Organization of Cyber Security Technical Standard
Information Technology Branch Organization of Cyber Security Technical Standard Information Management, Administrative Directive A1461 Cyber Security Technical Standard # 1 November 20, 2014 Approved:
More informationDHS Election Task Force Updates. Geoff Hale, Elections Task Force
1 DHS Election Task Force Updates Geoff Hale, Elections Task Force Geoffrey.Hale@hq.dhs.gov ETF Updates Where we ve made progress Services EI-ISAC/ National Cyber Situational Awareness Room What we ve
More informationPosition Description. Computer Network Defence (CND) Analyst. GCSB mission and values. Our mission. Our values UNCLASSIFIED
Position Description Computer Network Defence (CND) Analyst Position purpose: Directorate overview: The CND Analyst seeks to discover, analyse and report on sophisticated computer network exploitation
More informationSoftware & Supply Chain Assurance: Enabling Enterprise Resilience through Security Automation, Software Assurance and Supply Chain Risk Management
Software & Supply Chain Assurance: Enabling Enterprise Resilience through Security Automation, Software Assurance and Supply Chain Risk Management Joe Jarzombek, PMP, CSSLP Director for Software & Supply
More informationRCISC_11014 Prospect Brochure_V3.indd 1
RCISC_11014 Prospect Brochure_V3.indd 1 4/26/18 2:38 PM RICK RAMPOLLA ITDM Security Operations, Publix Super Markets Inc. Intelligence shared through the R-CISC has played a key role in our efforts to
More informationICB Industry Consultation Body
ICB Industry Consultation Body POSITION PAPER Regulatory Response to ATM Cyber-Security Increasing reliance on inter-connected ATM systems, services and technologies increases the risk of cyber-attacks.
More informationSupply Chain Integrity and Security Assurance for ICT. Mats Nilsson
Supply Chain Integrity and Security Assurance for ICT Mats Nilsson The starting point 2 B Internet users 85% Population coverage 5+ B Mobile subscriptions 10 years of Daily upload E-Books surpassing Print
More informationGeneral Framework for Secure IoT Systems
General Framework for Secure IoT Systems National center of Incident readiness and Strategy for Cybersecurity (NISC) Government of Japan August 26, 2016 1. General Framework Objective Internet of Things
More informationIMPROVING CYBERSECURITY AND RESILIENCE THROUGH ACQUISITION
IMPROVING CYBERSECURITY AND RESILIENCE THROUGH ACQUISITION Briefing for OFPP Working Group 19 Feb 2015 Emile Monette GSA Office of Governmentwide Policy emile.monette@gsa.gov Cybersecurity Threats are
More informationCyber Security Technologies
1 / Cyber Security Technologies International Seminar on Cyber Security: An Action to Establish the National Cyber Security Center Lisbon, 12 th September 2013 23 / Key highlights - Thales Group Thales
More informationPosition Description. Engagement Manager UNCLASSIFIED. Outreach & Engagement Information Assurance and Cyber Security Directorate.
Position Description Engagement Manager Business unit: Position purpose: Direct reports: Directorate overview: Business Unit Overview Remuneration indicator: Outreach & Engagement Information Assurance
More informationWater Information Sharing and Analysis Center
SUPERCHARGE YOUR SECURITY Water Information Sharing and Analysis Center DHS Hunt and Incident Response Team September 12, 2018 SUPERCHARGE YOUR SECURITY Presenter Brian Draper, DHS NCCIC HIRT Slides and
More informationSection One of the Order: The Cybersecurity of Federal Networks.
Summary and Analysis of the May 11, 2017 Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure. Introduction On May 11, 2017, President Donald
More informationOutreach and Partnerships for Promoting and Facilitating Private Sector Emergency Preparedness
2011/EPWG/WKSP/020 Session 4 Outreach and Partnerships for Promoting and Facilitating Private Sector Emergency Preparedness Submitted by: Australia Workshop on Private Sector Emergency Preparedness Sendai,
More informationThe Case for National CSIRTs
The Case for National CSIRTs ENOG 12 Yerevan 3-4 Oct 2016 What is a CERT (CSIRT)? A Computer Security Incident Response Team (CSIRT) is a service organization that is responsible for receiving, reviewing,
More informationSecure Product Design Lifecycle for Connected Vehicles
Secure Product Design Lifecycle for Connected Vehicles Lisa Boran Vehicle Cybersecurity Manager, Ford Motor Company SAE J3061 Chair SAE/ISO Cybersecurity Engineering Chair AGENDA Cybersecurity Standards
More informationCyber Security and Cyber Fraud
Cyber Security and Cyber Fraud Remarks by Andrew Ross Director, Payments and Cyber Security Canadian Bankers Association for Senate Standing Committee on Banking, Trade, and Commerce October 26, 2017 Ottawa
More informationBUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE
BUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE 1 WHAT IS YOUR SITUATION? Excel spreadsheets Manually intensive Too many competing priorities Lack of effective reporting Too many consultants Not
More informationAvionics Cyber T&E Examples Testing Cyber Security Resilience to support Operations in the 3rd Offset Environment
Avionics Cyber T&E Examples Testing Cyber Security Resilience to support Operations in the 3rd Offset Environment 26 January 2017 Presented by: Mr. Chad Miller NAVAIR Cyber T&E What: Replicate Cyber Battlespace
More informationStrategies for Maritime Cyber Security Leveraging the Other Modes
Strategies for Maritime Cyber Security Leveraging the Other Modes Michael Dinning Innovative Technologies for a Resilient Marine Transportation System June 24, 2014 The National Transportation Systems
More informationINTERNATIONAL TELECOMMUNICATION UNION
INTERNATIONAL TELECOMMUNICATION UNION Telecommunication Development Bureau T E L E F A X Place des Nations Telephone +41 22 730 51 11 CH-1211 Geneva 20 Telefax Gr3: +41 22 733 72 56 Switzerland Gr4: +41
More informationDoD Strategy for Cyber Resilient Weapon Systems
DoD Strategy for Cyber Resilient Weapon Systems Melinda K. Reed Office of the Deputy Assistant Secretary of Defense for Systems Engineering NDIA Systems Engineering Conference October 2016 10/24/2016 Page-1
More informationCybersecurity and Data Protection Developments
Cybersecurity and Data Protection Developments Nathan Taylor March 8, 2017 NY2 786488 MORRISON & FOERSTER LLP 2017 mofo.com Regulatory Themes 2 A Developing Regulatory Environment 2016 2017 March CFPB
More informationChapter X Security Performance Metrics
Chapter X Security Performance Metrics Page 1 of 10 Chapter X Security Performance Metrics Background For many years now, NERC and the electricity industry have taken actions to address cyber and physical
More informationCritical Infrastructure
Critical Infrastructure 1 Critical Infrastructure Can be defined as any facility, system, or function which provides the foundation for national security, governance, economic vitality, reputation, and
More informationMeasurement Challenges and Opportunities for Developing Smart Grid Testbeds
Measurement Challenges and Opportunities for Developing Smart Grid Testbeds 10th Carnegie Mellon Conference on the Electricity Industry April 1, 2015 Paul Boynton boynton@nist.gov Testbed Manager Smart
More information