DHS Cybersecurity Services and Resources
|
|
- Dennis Cobb
- 5 years ago
- Views:
Transcription
1 DHS Cybersecurity Services and Resources September 18 th, 2018 Harley D. Rinerson Chief of Operations Central U.S. Cyber Advisor Program Cybersecurity Advisor Program Department of
2 Agenda Cyber Advisor Program Cyber Framework DHS Cyber Service Offerings 2
3 Scary Bedtime Story's Ransomware-as-a-Service (RaaS) Non-technical users create campaigns Recent one- MacRansom -.25 bitcoin about $700 Bad actors are using behavioral analysis Start of the business day Thursdays spike for malware Wednesday then the rest of the week 3
4 Lack of Confidence 4
5 Types of Delivery 5
6 Are you in the Top Five? 6
7 Cybersecurity Advisors Mission Mission: To provide direct coordination, outreach, and regional support and assistance in the protection of cyber components essential to the Nation s Critical Infrastructure. Secure.gov Reduce Cyber Risk Focus Areas: Build Strategic Partnerships Develop Cyber Talent Ensure Emergency Communications
8 Cybersecurity Advisor (CSA) Program In service of this mission, CSAs are guided by the following goals: Assess: Assess critical infrastructure cyber risk. Promote: Promote best practices and risk mitigation strategies. Build: Initiate, build capacity, and support cyber communities-ofinterest and working groups. Educate: Educate and raise awareness. Listen: Collect stakeholder requirements. Coordinate: Coordinate incident support and lessons-learned.
9 Serving Critical Infrastructure and Government
10 CSA Locations
11 Cybersecurity and Resilience 11
12 What Is Resilience? the ability to prepare for and adapt to changing conditions and withstand and recover rapidly from disruptions. Resilience includes the ability to withstand and recover from deliberate attacks, accidents, or naturally occurring threats or incidents - Presidential Policy Directive PPD 21 February 12, 2013 Protect () Perform (Capability) Sustain (Continuity) Repeat (Maturity)
13 An Approach to Cyber Resilience Have a philosophy, framework, or general approach to cyber resilience, and follow it. This is one successful approach: Identify Services Identify and prioritize services Create Asset Inventory Identify assets, align assets to services, and inventory assets Protect & Sustain Assets Establish risk management, resilience requirements, control objectives, and controls Disruption Management Establish continuity requirements for assets and develop service continuity plans Evaluate & Improve Define objectives and standards, measure against those standards, evaluate and identify areas for improvement. Process Management and Improvement
14 Do the Basics, More Consistently Attackers are simply getting better than most defenders. But often, neglecting to do the basics is what leads to a breach. You have a responsibility to appropriately manage risk and serve your customers. Your best effort is within your control. Don t let paralysis by analysis take hold. 1.Measure your program against established standards. 2.Manage improvements and work on operational resilience.
15 Key Questions How do you know if your cybersecurity efforts are going well? Do you plan your cybersecurity activities? Do you adhere to a cybersecurity standard of practice? What s at risk? Have you identified the potential consequences if your systems are compromised or unavailable? Have you planned for cyber incident management and exercised that plan? Can you sustain operations of critical processes following a significant cyber incident?
16 NIST Cybersecurity Framework The cybersecurity framework (CSF) establishes a common perspective and vernacular, is broadly applicable and developed by private and public organizations, provides risk-based guidelines, is collaboration oriented, and is internationally recognized.
17 Cybersecurity Services - CYBER RESILIENCE REVIEW - EXTERNAL DEPENDENCIES MANAGEMENT - CYBER INFRASTRUCTURE SURVEY - CYBERSECURITY EVALUATIONS TOOL - PHISHING CAMPAIGN ASSESSMENT - VULNERABILITY SCANNING/ HYGIENE - VALIDATED ARCHITECTURE DESIGN REVIEW - RISK AND VULNERABILITY ASSESSMENT STRATEGIC (HIGH-LEVEL) TECHNICAL (LOW-LEVEL)
18 Vulnerability Scanning Assess Internet accessible systems for known vulnerabilities and configuration errors. Work with organization to proactively mitigate threats and risks to systems. Activities include: Network Mapping Identify public IP address space Identify hosts that are active on IP address space Determine the O/S and Services running Re-run scans to determine any changes Graphically represent address space on a map Network Vulnerability & Configuration Scanning Identify network vulnerabilities and weakness
19 Phishing Campaign Assessment (PCA) Objectives: Increase cybersecurity awareness within stakeholder organizations Decrease risk of successful malicious phishing attacks, limit exposure, reduce rates of exploitation Benefits: Receive actionable metrics Highlight need for improved security Scope: Training 6-week engagement period Phishing s capture click-rate only, no payloads will be used Varying Levels of Complexity -- Levels 1-6 (Easy to Difficult) 19
20 Phishing Campaign Assessment Sample Reports Week Campaign Date Sent Complexity User Click # s Level Rate Sent 1 Please Help! 3/18/ % Reveal Your Past 3/31/ % Password Expire Alert 4/6/ % Severe Weather Checklist 4/15/ % Federal Employee Survey 4/20/ % Salary Guidelines 4/27/ % 402
21 Validated Architecture Design Review Description The Validated Architecture Design Review (VADR) is a voluntary, no-cost assessment based on standards, guidelines, and best practices. The assessment encompasses architecture and design review, system configuration, and log file review, and sophisticated analysis of network traffic to develop a detailed representation of the communications, flows, and relationships between devices and most importantly to identify anomalous (and potentially suspicious) communication flows. This offering provides a sophisticated analysis of the asset owner s network. Outcomes After the review, the NCCIC will provide an in-depth VADR Report that includes key discoveries and practical recommendations for improving an organization s operational maturity and enhancing their cybersecurity posture. Assessment Logistics Execution of the DHS assessment agreement and submission of pre-requisite customer information (to include a network diagram) Pre Assessment Activities: two weeks Time needed to complete assessment: one week Personnel required to perform assessment: customer point of contact responsible for coordinating all customer activity and IT staff to answer system and network related questions Timeframe for return of assessment results: six weeks
22 Cyber Evaluation Tool Description The Cyber Evaluation Tool (CSET ) is a no-cost, voluntary desktop stand-alone application that guides asset owners and operators through a systematic process to evaluate their operational technology (OT) and information technology (IT) network security practices. Using the tool organizations are able to evaluate their cybersecurity posture against recognized standards and best practice recommendations in a systematic, disciplined, and repeatable manner. Outcomes At the end of the evaluation, NCCIC will provide reports that present the assessment results in both summary and detailed form. Users are easily able to filter content or drill down to look at information that is more granular. Assessment Logistics - Download the Tool The CSET is immediately available for download upon request - Select Standards Users select one or more government and industry-recognized cybersecurity standards. CSET then generates questions that are specific to those requirements. - Determine Assurance Level The security assurance level (SAL) is determined by responses to questions relating to the potential consequences of a successful cyber-attack on an organization, facility, system, or subsystem. It can be selected or calculated and provides a recommended level of cybersecurity rigor necessary to protect against a worst-case event. - Answer the Questions CSET then generates questions using the network topology, selected security standards, and SAL as its basis.
23 Cyber Evaluation Tool (CSET ) R Stand-alone software application Self-assessment using recognized standards Tool for integrating cybersecurity into existing corporate risk management strategy CSET Download: 23
24 Cyber Resilience Review Purpose: The CRR is an assessment intended to evaluate an organization s operational resilience and cybersecurity practices of its critical services Delivery: The CRR can be facilitated self-administered CRR Self-Assessment Package is available on the C-Cubed Voluntary Program website. Helps public and private sector partners understand and measure cyber security capabilities as they relate to operational resilience and cyber risk Based on the CERT Resilience Management Model (CERT RMM)) CRR Question Set & Guidance The CRR provides organizations with a no-cost method to assess their cybersecurity postures and measure against the NIST CSF.
25 Cyber Resilience Review Domains Asset Management Know your assets being protected & their requirements, e.g., CIA Configuration and Change Management Manage asset configurations and changes Controls Management Manage and monitor controls to ensure they are meeting your objectives External Dependencies Management Know who your most important external entities are and manage the risks they pose to essential services Incident Management Be able to detect and respond to incidents Risk Management Know your biggest risks and address them in a manner that considers cost and your risk tolerances Service Continuity Management Ensure workable plans are in place to manage disruptions Situational Awareness Actively discover and analyze information related to immediate operational stability and security Training and Awareness Ensure your people are trained on and aware of cybersecurity risks and practices Vulnerability Management Know your vulnerabilities and manage those that pose the most risk For more information:
26 CSF Summary in the CRR
27 Why is all this effort important? UNCLASSIFIED
28 Incident Management While roughly 70% of organizations perform event detection 50% of organizations have a plan for managing incidents 55% have a process to declare incidents only 37% have developed incident declaration criteria to guide their staff
29 Service Continuity Management Less than 50% of organizations have documented service continuity plans and only 42% specify recovery time and recovery point objectives in their plans.
30 Sector Performance: Top Tier
31 Sector Performance: Bottom Tier
32 CRR Resource Guides CRR Domains: The CRR methodology is based on 10 domains, each representing a capability area foundational to an organization s cyber resilience. Resource Guides: In 2016, DHS released a set of CRR Resource Guides to assist organizations in enhancing their resilience in specific CRR domains. Scope of Content: While the guides were developed for organizations to utilize after conducting a CRR, these publications provide content useful for all organizations with cybersecurity equities. Flexibility in Use: Moreover, the guides can be utilized as a full set or as individual components, depending on organizational preference and/or need. CRR Resource Guide Asset Management CRR Resource Guides provide organizations with a tool to develop their capabilities in security management areas moving organizations from initial to well-defined capability. For more information, please visit:
33 EDM Assessment Overview: In 2016, DHS launched the External Dependencies Management (EDM) Assessment, focusing specifically on ensuring the protection and sustainment of services and assets that are dependent on the actions of third-party entities. Background: External Dependencies Management is a domain covered by the CRR. However, EDM and associated issues (e.g., supply-chain management, vendor management) are not addressed at a comprehensive level within the CRR, resulting in the creation of a separate assessment. Linkages to CRR: Despite operating at a more granular level than the CRR, the EDM Assessment borrows heavily from the CRR s methodological architecture and scoring system but remains a DHS-facilitated assessment. EDM process outlined in the External Dependencies Management Resource Guide The EDM Assessment provides stakeholders with a more in-depth examination of risks associated with their third-party entities.
34 EDM Assessment Report Each EDM report includes: Performance summary of existing capability managing external dependencies Sub-domain performance of existing capability managing external dependencies and options for consideration for all responses comparison data with other EDM participants
35 CIS Highlights
36 CIS Dashboard - Comparison Shows the low, median, and high performers Compares your organization to the aggregate
37 A lot of Information Water ISAC Information Center Cybersecurity Resource Guide NIST , Guide to Industrial Controls Systems (ICS)
38 Cyber Exercises and Planning The NCCIC s National Cyber Exercise and Planning Program (NCEPP) develops, conducts and evaluates cyber-exercises and planning activities for state, local, tribal and territorial governments as well as public and private sector critical infrastructure organizations. Cyber Storm Exercise DHS s flagship national-level biennial exercise Exercise Planning and Conduct Cyber Exercise Consulting and SME Support Cyber Planning Support Off-the-Shelf Resources
39 The Foundation for our Nation s Cyber Workforce The National Cybersecurity Workforce Framework is a collection of definitions that describe types of cybersecurity work and skills requires to perform it. When used nationally, the definitions can help establish universallyapplicable cybersecurity skills, training/development, and curricula 7 Categories, 30+ Specialty Areas Baselines knowledge, skills, and abilities & tasks Operate & Maintain Securely Provision Analyze Collect & Operate Oversight & Development Protect & Defend Investigate
40 NCCIC in Brief Responsibilities include: The mission of the National Cybersecurity and Communications Integration Center (NCCIC) is to reduce the likelihood and severity of incidents that may significantly compromise the security and resilience of the Nation s critical information technology and communications networks. Provide alerts, warnings, common operating picture on cyber and communications incidents in real time to virtual and on-site partners Work 24X7 with partners to mitigate incidents: On-site partners include the Department of Defense, Federal Bureau of Investigation, Secret Service, Information Sharing and Analysis Centers (ISACs) and DHS components such as Office of Industry and Analysis Public and private sector partners share and receive information subject to information sharing protocols 40
41 Incident Reporting NCCIC provides real-time threat analysis and incident reporting capabilities 24x7 contact: or tps://forms.us-cert.gov/report/ Malware When to Submission Report: Process: If there is a suspected or confirmed cyber attack or incident that: -Affects Please core send government all submissions or critical to AMAC infrastructure functions; -Results at: submit@malware.us-cert.gov in the loss of data, system availability; or control of systems; -Indicates Must be malicious provided software in password-protected is present on critical systems zip files using password infected Web-submission: FOUO / UNCLASS 41
42 DHS Cybersecurity Services- In Summary Preparedness Activities Information / Threat Indicator Sharing Cybersecurity Training and Awareness Cyber Exercises and Playbooks National Cyber Awareness System Vulnerability Notes Database Information Products and Recommended Practices Industrial Control Systems Evaluations Other Cyber Evaluations Cyber Resilience Reviews (CRR ) Cyber Infrastructure Surveys Vulnerability Scanning Network Risk and Vulnerability Assessments (aka Pen Tests) External Dependency Management Reviews Cyber Evaluation Tool (CSET ) Validated Architecture Design Review (VADR) NCCIC Response Assistance Remote / On-Site Assistance Malware Analysis Hunt and Incident Response Teams Incident Coordination Multi-State Information Sharing and Analysis Center (MS-ISAC) Cyber Advisors Protective Advisors
43 Contact Information General Inquiries C3VP: us-cert.gov/ccubedvp DHS Contact Information Department of National Protection and Programs Directorate Office of Cybersecurity and Communications Rick Gardner Cybersecurity Advisor Kenny Longfritz Protective Advisor Harley D. Rinerson Chief of Operations Central Untied States
Homeland Security Perspectives: Oregon Fire District Directors Association October 25, 2018
Perspectives: Oregon Fire District Directors Association October 25, 2018 Ronald D. Watters Jr M.Ed GSLC Cybersecurity Advisor Region X Stakeholder Engagement and Cyber Infrastructure Resilience (SECIR)
More informationCyber Security & Homeland Security:
Cyber Security & Homeland Security: Cyber Security for CIKR and SLTT Michael Leking 19 March 2014 Cyber Security Advisor Northeast Region Office of Cybersecurity and Communications (CS&C) U.S. Department
More informationEvaluating and Improving Cybersecurity Capabilities of the Electricity Critical Infrastructure
Evaluating and Improving Cybersecurity Capabilities of the Electricity Critical Infrastructure March 2015 Pamela Curtis Dr. Nader Mehravari Katie Stewart Cyber Risk and Resilience Management Team CERT
More informationPanelists. Moderator: Dr. John H. Saunders, MITRE Corporation
SCADA/IOT Panel This panel will focus on innovative & emerging solutions and remaining challenges in the cybersecurity of industrial control systems ICS/SCADA. Representatives from government and infrastructure
More informationJune 5, 2018 Independence, Ohio
June 5, 2018 Independence, Ohio The Office of Infrastructure Protection National Protection and Programs Directorate Department of Homeland Security Securing the Nation at the Community Level 2018 Cuyahoga
More informationDHS Cybersecurity: Services for State and Local Officials. February 2017
DHS Cybersecurity: Services for State and Local Officials February 2017 Department of Established in March of 2003 and combined 22 different Federal departments and agencies into a unified, integrated
More informationOverview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013
Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013 PPD-21: CI Security and Resilience On February 12, 2013, President Obama signed Presidential Policy Directive
More informationTestimony. Christopher Krebs Director Cybersecurity and Infrastructure Security Agency U.S. Department of Homeland Security FOR A HEARING ON
Testimony Christopher Krebs Director Cybersecurity and Infrastructure Security Agency U.S. Department of Homeland Security FOR A HEARING ON Defending Our Democracy: Building Partnerships to Protect America
More informationDHS Cybersecurity. Election Infrastructure as Critical Infrastructure. June 2017
DHS Cybersecurity Election Infrastructure as Critical Infrastructure June 2017 Department of Homeland Security Safeguard the American People, Our Homeland, and Our Values Homeland Security Missions 1.
More informationDHS Election Task Force Updates. Geoff Hale, Elections Task Force
1 DHS Election Task Force Updates Geoff Hale, Elections Task Force Geoffrey.Hale@hq.dhs.gov ETF Updates Where we ve made progress Services EI-ISAC/ National Cyber Situational Awareness Room What we ve
More informationWater Information Sharing and Analysis Center
SUPERCHARGE YOUR SECURITY Water Information Sharing and Analysis Center DHS Hunt and Incident Response Team September 12, 2018 SUPERCHARGE YOUR SECURITY Presenter Brian Draper, DHS NCCIC HIRT Slides and
More informationHomeland Security Perspectives: Cyber Security Resources for Small and Medium- Sized Businesses November 03, 2017
Perspectives: Cyber Resources for Small and Medium- Sized Businesses November 03, 2017 Ronald D. Watters Jr M.Ed GSLC Cybersecurity Advisor Region X Stakeholder Engagement and Cyber Infrastructure Resilience
More informationCybersecurity Presidential Policy Directive Frequently Asked Questions. kpmg.com
Cybersecurity Presidential Policy Directive Frequently Asked Questions kpmg.com Introduction On February 12, 2013, the White House released the official version of the Presidential Policy Directive regarding
More informationElection Infrastructure Security: The How and Why of It
Election Infrastructure Security: The How and Why of It Minnesota County Auditor Election Training Conference May 3, 2018 Contents Election Infrastructure Security Overview Cyber and Physical Security
More informationFederal Civilian Executive branch State, Local, Tribal, Territorial government (SLTT) Private Sector (PS) Unclassified / Business Networks
Brownsville Public Utilities Board Cyber Security Initiative A result of the BPUB IT Strategic Plan implemented a Cyber Security Framework (CSF) that utilizes : Security standards Tools and Best practices
More informationThe Office of Infrastructure Protection
The Office of Infrastructure Protection National Protection and Programs Directorate Department of Homeland Security Protective Security Coordination Division Overview ND Safety Council Annual Conference
More informationNCSF Foundation Certification
NCSF Foundation Certification Overview This ACQUIROS accredited training program is targeted at IT and Cybersecurity professionals looking to become certified on how to operationalize the NIST Cybersecurity
More informationCYBERSECURITY FOR STARTUPS AND SMALL BUSINESSES OVERVIEW OF CYBERSECURITY FRAMEWORKS
CYBERSECURITY FOR STARTUPS AND SMALL BUSINESSES OVERVIEW OF CYBERSECURITY FRAMEWORKS WILLIAM (THE GONZ) FLINN M.S. INFORMATION SYSTEMS SECURITY MANAGEMENT; COMPTIA SECURITY+, I-NET+, NETWORK+; CERTIFIED
More informationWhy you should adopt the NIST Cybersecurity Framework
Why you should adopt the NIST Cybersecurity Framework It s important to note that the Framework casts the discussion of cybersecurity in the vocabulary of risk management Stating it in terms Executive
More information2016 Nationwide Cyber Security Review: Summary Report. Nationwide Cyber Security Review: Summary Report
Nationwide Cyber Security Review: Summary Report Nationwide Cyber Security Review: Summary Report ii Nationwide Cyber Security Review: Summary Report Acknowledgments The Multi-State Information Sharing
More informationBUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE
BUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE 1 WHAT IS YOUR SITUATION? Excel spreadsheets Manually intensive Too many competing priorities Lack of effective reporting Too many consultants Not
More informationManaging IT & Election Systems. U.S. Election Assistance Commission 1
Managing IT & Election Systems U.S. Election Assistance Commission www.eac.gov 1 Election Administrators are IT Managers Election Officials and their constituencies must understand that they are complex
More informationUpdates to the NIST Cybersecurity Framework
Updates to the NIST Cybersecurity Framework NIST Cybersecurity Framework Overview and Other Documentation October 2016 Agenda: Overview of NIST Cybersecurity Framework Updates to the NIST Cybersecurity
More informationDr. Emadeldin Helmy Cyber Risk & Resilience Bus. Continuity Exec. Director, NTRA. The African Internet Governance Forum - AfIGF Dec 2017, Egypt
Dr. Emadeldin Helmy Cyber Risk & Resilience Bus. Continuity Exec. Director, NTRA The African Internet Governance Forum - AfIGF2017 5 Dec 2017, Egypt Agenda Why? Threats Traditional security? What to secure?
More informationCritical Infrastructure Sectors and DHS ICS CERT Overview
Critical Infrastructure Sectors and DHS ICS CERT Overview Presented by Darryl E. Peek II REGIONAL INTELLIGENCE SEMINAR AND NATIONAL SECURITY FORUM 2 2 Authorities and Related Legislation Homeland Security
More informationCYBER RESILIENCE & INCIDENT RESPONSE
CYBER RESILIENCE & INCIDENT RESPONSE www.nccgroup.trust Introduction The threat landscape has changed dramatically over the last decade. Once the biggest threats came from opportunist attacks and preventable
More informationISAO SO Product Outline
Draft Document Request For Comment ISAO SO 2016 v0.2 ISAO Standards Organization Dr. Greg White, Executive Director Rick Lipsey, Deputy Director May 2, 2016 Copyright 2016, ISAO SO (Information Sharing
More informationCyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS
Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS Continual disclosed and reported
More informationNational Policy and Guiding Principles
National Policy and Guiding Principles National Policy, Principles, and Organization This section describes the national policy that shapes the National Strategy to Secure Cyberspace and the basic framework
More informationSTRATEGY ATIONAL. National Strategy. for Critical Infrastructure. Government
ATIONAL STRATEGY National Strategy for Critical Infrastructure Government Her Majesty the Queen in Right of Canada, 2009 Cat. No.: PS4-65/2009E-PDF ISBN: 978-1-100-11248-0 Printed in Canada Table of contents
More informationUNCLASSIFIED. National and Cyber Security Branch. Presentation for Gridseccon. Quebec City, October 18-21
National and Cyber Security Branch Presentation for Gridseccon Quebec City, October 18-21 1 Public Safety Canada Departmental Structure 2 National and Cyber Security Branch National and Cyber Security
More informationICS-CERT Year in Review. Industrial Control Systems Cyber Emergency Response Team
ICS-CERT Year in Review Industrial Control Systems Cyber Emergency Response Team 2012 What s Inside Welcome 1 Organization 3 Outreach 4 Industrial Control Systems Joint Working Group 5 Advanced Analytical
More informationEnhancing the Cybersecurity of Federal Information and Assets through CSIP
TECH BRIEF How BeyondTrust Helps Government Agencies Address Privileged Access Management to Improve Security Contents Introduction... 2 Achieving CSIP Objectives... 2 Steps to improve protection... 3
More informationInformation Security Continuous Monitoring (ISCM) Program Evaluation
Information Security Continuous Monitoring (ISCM) Program Evaluation Cybersecurity Assurance Branch Federal Network Resilience Division Chad J. Baer FNR Program Manager Chief Operational Assurance Agenda
More informationImplementing Executive Order and Presidential Policy Directive 21
March 26, 2013 Implementing Executive Order 13636 and Presidential Policy Directive 21 Mike Smith, Senior Cyber Policy Advisor, Office of Electricity Delivery and Energy Reliability, Department of Energy
More informationDepartment of Homeland Security Updates
American Association of State Highway and Transportation Officials Special Committee on Transportation Security and Emergency Management 2016 Critical Infrastructure Committee Joint Annual Meeting Department
More informationThe Office of Infrastructure Protection
The Office of Infrastructure Protection National Protection and Programs Directorate Department of Homeland Security Native American Risk Management Conference 20 July, 2018 Bridging the Gap: Delivering
More informationUnited States Coast Guard Office of Port and Facility Compliance (CG-FAC) Cybersecurity and the Marine Transportation System.
United States Coast Guard Office of Port and Facility Compliance (CG-FAC) Cybersecurity and the Marine Transportation System Overview Coast Guard Cyber Strategy Cyber Framework (CSF) What does it mean
More informationDepartment of Management Services REQUEST FOR INFORMATION
RESPONSE TO Department of Management Services REQUEST FOR INFORMATION Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services September 3, 2015 250 South President
More informationNational Cyber Security Strategy - Qatar. Michael Lewis, Deputy Director
National Cyber Security Strategy - Qatar Michael Lewis, Deputy Director 2 Coordinating a National Approach to Cybersecurity ITU Pillars of Cybersecurity as a Reference Point providing the collected best
More informationIndustry role moving forward
Industry role moving forward Discussion with National Research Council, Workshop on the Resiliency of the Electric Power Delivery System in Response to Terrorism and Natural Disasters February 27-28, 2013
More informationStatement for the Record
Statement for the Record of Seán P. McGurk Director, Control Systems Security Program National Cyber Security Division National Protection and Programs Directorate Department of Homeland Security Before
More informationChapter X Security Performance Metrics
Chapter X Security Performance Metrics Page 1 of 10 Chapter X Security Performance Metrics Background For many years now, NERC and the electricity industry have taken actions to address cyber and physical
More informationIncident Response Services to Help You Prepare for and Quickly Respond to Security Incidents
Services to Help You Prepare for and Quickly Respond to Security Incidents The Challenge The threat landscape is always evolving and adversaries are getting harder to detect; and with that, cyber risk
More informationMedical Device Cybersecurity: FDA Perspective
Medical Device Cybersecurity: FDA Perspective Suzanne B. Schwartz MD, MBA Associate Director for Science and Strategic Partnerships Office of the Center Director (OCD) Center for Devices and Radiological
More informationCyber Security Program
Cyber Security Program Cyber Security Program Goals and Objectives Goals Provide comprehensive Security Education and Awareness to the University community Build trust with the University community by
More informationNational Preparedness System (NPS) Kathleen Fox, Acting Assistant Administrator National Preparedness Directorate, FEMA April 27, 2015
National Preparedness System (NPS) Kathleen Fox, Acting Assistant Administrator National Preparedness Directorate, FEMA April 27, 2015 The Post Katrina Emergency Management Reform Act (2006) Required the
More informationBradford J. Willke. 19 September 2007
A Critical Information Infrastructure Protection Approach to Multinational Cyber Security Events Bradford J. Willke 19 September 2007 Overview A framework for national Critical Information Infrastructure
More informationThe Office of Infrastructure Protection
The Office of Infrastructure Protection National Protection and Programs Directorate Department of Homeland Security Protective Security Advisors and Special Event Domestic Incident Tracker Overview Federal
More informationControl Systems Cyber Security Awareness
Control Systems Cyber Security Awareness US-CERT Informational Focus Paper July 7, 2005 Produced by: I. Purpose Focus Paper Control Systems Cyber Security Awareness The Department of Homeland Security
More informationThe Office of Infrastructure Protection
The Office of Infrastructure Protection National Protection and Programs Directorate Department of Homeland Security Organisation for the Prohibition of Chemical Weapons September 13, 2011 Overall Landscape
More informationWelcome to the CyberSecure My Business Webinar Series We will begin promptly at 2pm EDT All speakers will be muted until that time
TM Plan. Protect. Respond. Welcome to the CyberSecure My Business Webinar Series We will begin promptly at 2pm EDT All speakers will be muted until that time Registration is open for the April webinar:
More informationCybersecurity A Regulatory Perspective Sara Nielsen IT Manager Federal Reserve Bank of Kansas City
1 Cybersecurity A Regulatory Perspective Sara Nielsen IT Manager Federal Reserve Bank of Kansas City The opinions expressed are those of the presenters and are not those of the Federal Reserve Banks, the
More informationCyber Hygiene: A Baseline Set of Practices
[DISTRIBUTION STATEMENT A] Approved for public Cyber Hygiene: A Baseline Set of Practices Matt Trevors Charles M. Wallen Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 Copyright
More informationIncident Response Table Tops
Incident Response Table Tops Agenda Introductions SecureState overview Need for improved incident response capability https://pollev.com/securestate Overview of the exercise: Sample incident response table
More informationNCSF Foundation Certification
NCSF Foundation Certification Overview This ACQUIROS accredited training program is targeted at IT and Cybersecurity professionals looking to become certified on how to operationalize the NIST Cybersecurity
More informationOffice of Infrastructure Protection Overview
Office of Infrastructure Protection Overview Harvey Perriott Protective Security Advisor North Texas District U.S. Department of Homeland Security Vision and Mission Vision A safe, secure, and resilient
More informationPresented by Ingrid Fredeen and Pamela Passman. Copyright 2017NAVEXGlobal,Inc. AllRightsReserved. Page 0
Cyber Security and Inside Threats: Turning Policies into Practices Presented by Ingrid Fredeen and Pamela Passman Copyright 2017NAVEXGlobal,Inc. AllRightsReserved. Page 0 Presented By Ingrid Fredeen, J.D.
More informationCyber Resilience. Think18. Felicity March IBM Corporation
Cyber Resilience Think18 Felicity March 1 2018 IBM Corporation Cyber Resilience Cyber Resilience is the ability of an organisation to maintain its core purpose and integrity during and after a cyber attack
More informationRBI GUIDELINES ON CYBER SECURITY AND RAKSHA APPROACH
RBI GUIDELINES ON CYBER SECURITY AND RAKSHA APPROACH RBI GUIDELINES ON CYBER SECURITY AND RAKSHA APPROACH CONTEXT RBI has provided guidelines on Cyber Security Framework circular DBS. CO/CSITE/BC.11/33.01.001/2015-16
More informationOverview of the Federal Interagency Operational Plans
Overview of the Federal Interagency Operational Plans July 2014 Table of Contents Introduction... 1 Federal Interagency Operational Plan Overviews... 2 Prevention Federal Interagency Operational Plan...2
More information2014 Sector-Specific Plan Guidance. Guide for Developing a Sector-Specific Plan under NIPP 2013 August 2014
2014 -Specific Plan Guidance Guide for Developing a -Specific Plan under NIPP 2013 August 2014 How to Use this Guidance This page provides a roadmap to assist critical infrastructure partners in navigating
More informationEmerging Issues: Cybersecurity. Directors College 2015
Emerging Issues: Cybersecurity Directors College 2015 Agenda/Objectives Define Cybersecurity Cyber Fraud Trends/Incidents FFIEC Cybersecurity awareness initiatives Community Bank expectations FFIEC Cybersecurity
More informationRSA NetWitness Suite Respond in Minutes, Not Months
RSA NetWitness Suite Respond in Minutes, Not Months Overview One can hardly pick up a newspaper or turn on the news without hearing about the latest security breaches. The Verizon 2015 Data Breach Investigations
More informationCyber Security Incident Report
Cyber Security Incident Report Technical Rationale and Justification for Reliability Standard CIP-008-6 January 2019 NERC Report Title Report Date I Table of Contents Preface... iii Introduction... 1 New
More informationSOLUTION BRIEF esentire Risk Advisory and Managed Prevention (RAMP)
SOLUTION BRIEF esentire Risk Advisory and Managed Prevention (RAMP) Adaptive Cybersecurity at the Speed of Your Business Attackers Evolve. Risk is in Constant Fluctuation. Security is a Never-ending Cycle.
More informationICBA Summary of FFIEC Cybersecurity Assessment Tool (May 2017 Update)
ICBA Summary of FFIEC Cybersecurity Assessment Tool (May 2017 Update) June 2017 INSERT YEAR HERE Contact Information: Jeremy Dalpiaz AVP, Cyber and Data Security Policy Jeremy.Dalpiaz@icba.org ICBA Summary
More informationAmerican Association of Port Authorities Port Security Seminar & Expo Cyber Security Preparedness and Resiliency in the Marine Environment
American Association of Port Authorities Port Security Seminar & Expo Cyber Security Preparedness and Resiliency in the Marine Environment July 20, 2017 DECIDEPLATFORM.COM The new Reality of Cyber Security
More informationMission: Continuity BUILDING RESILIENCE AGAINST UNPLANNED SERVICE INTERRUPTIONS
Mission: Continuity BUILDING RESILIENCE AGAINST UNPLANNED SERVICE INTERRUPTIONS Stephanie Poe, DNP, RN-BC CNIO, The Johns Hopkins Hospital and Health System Discussion Topics The Age of Acceleration Cyber
More informationHomeland Security and Cyber Infrastructure Resilience
January 2014 Homeland Security and Cyber Infrastructure Resilience Resources for and Results of DHS Cyber Evaluations, Incident Response, Threat Coordination, and Security Management Bradford J. Willke,
More informationNational Preparedness System. Update for EMForum June 11, 2014
National Preparedness System Update for EMForum June 11, 2014 Approach to National Preparedness Whole community integration Risk-driven Capability-based DRAFT 2 Presidential Policy Directive 8 (PPD) 8
More informationAdvanced Cyber Risk Management Threat Modeling & Cyber Wargaming April 23, 2018
Advanced Cyber Risk Management Threat Modeling & Cyber Wargaming April 23, 2018 The Homeland Security Systems Engineering and Development Institute (HSSEDI ) is a trademark of the U.S. Department of Homeland
More informationTEL2813/IS2820 Security Management
TEL2813/IS2820 Security Management Security Management Models And Practices Lecture 6 Jan 27, 2005 Introduction To create or maintain a secure environment 1. Design working security plan 2. Implement management
More informationPosition Description. Computer Network Defence (CND) Analyst. GCSB mission and values. Our mission. Our values UNCLASSIFIED
Position Description Computer Network Defence (CND) Analyst Position purpose: Directorate overview: The CND Analyst seeks to discover, analyse and report on sophisticated computer network exploitation
More informationFunction Category Subcategory Implemented? Responsible Metric Value Assesed Audit Comments
Function Category Subcategory Implemented? Responsible Metric Value Assesed Audit Comments 1 ID.AM-1: Physical devices and systems within the organization are inventoried Asset Management (ID.AM): The
More informationExecutive Order on Coordinating National Resilience to Electromagnetic Pulses
Executive Order on Coordinating National Resilience to Electromagnetic Pulses The Wh... Page 1 of 11 EXECUTIVE ORDERS Executive Order on Coordinating National Resilience to Electromagnetic Pulses INFRASTRUCTURE
More informationBusiness continuity management and cyber resiliency
Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member of Baker Tilly International. Business continuity management and cyber resiliency Introductions Eric Wunderlich,
More information10 Cybersecurity Questions for Bank CEOs and the Board of Directors
4 th Annual UBA Bank Executive Winter Conference February, 2015 10 Cybersecurity Questions for Bank CEOs and the Board of Directors Dr. Kevin Streff Founder, Secure Banking Solutions 1 Board of Directors
More informationNATIONAL DEFENSE INDUSTRIAL ASSOCIATION Homeland Security Symposium
NATIONAL DEFENSE INDUSTRIAL ASSOCIATION Homeland Security Symposium Securing Cyber Space & America s Cyber Assets: Threats, Strategies & Opportunities September 10, 2009, Crystal Gateway Marriott, Arlington,
More informationJeff Marron, IT Specialist Security National Institute of Standards and Technology (NIST)
Moderated by Daniel Eliot, Director Small Business Programs NCSA Jeff Marron, IT Specialist Security National Institute of Standards and Technology (NIST) Tammy Smith, CISSP Cyber Security Advisor FedEx
More informationPIPELINE SECURITY An Overview of TSA Programs
PIPELINE SECURITY An Overview of TSA Programs Jack Fox Pipeline Industry Engagement Manager Surface Division Office of Security Policy & Industry Engagement May 5, 2014 TSA and Pipeline Security As the
More informationSoftware & Supply Chain Assurance: Enabling Enterprise Resilience through Security Automation, Software Assurance and Supply Chain Risk Management
Software & Supply Chain Assurance: Enabling Enterprise Resilience through Security Automation, Software Assurance and Supply Chain Risk Management Joe Jarzombek, PMP, CSSLP Director for Software & Supply
More informationStrengthening the Cybersecurity of Federal Networks and Critical Infrastructure
Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure Executive Order 13800 Update July 2017 In Brief On May 11, 2017, President Trump issued Executive Order 13800, Strengthening
More informationAutomating the Top 20 CIS Critical Security Controls
20 Automating the Top 20 CIS Critical Security Controls SUMMARY It s not easy being today s CISO or CIO. With the advent of cloud computing, Shadow IT, and mobility, the risk surface area for enterprises
More informationalign security instill confidence
align security instill confidence cyber security Securing data has become a top priority across all industries. High-profile data breaches and the proliferation of advanced persistent threats have changed
More informationTHE WHITE HOUSE. Office of the Press Secretary. EMBARGOED UNTIL DELIVERY OF THE PRESIDENT'S February 12, 2013 STATE OF THE UNION ADDRESS
THE WHITE HOUSE Office of the Press Secretary EMBARGOED UNTIL DELIVERY OF THE PRESIDENT'S February 12, 2013 STATE OF THE UNION ADDRESS February 12, 2013 PRESIDENTIAL POLICY DIRECTIVE/PPD-21 SUBJECT: Critical
More informationDesigning and Building a Cybersecurity Program
Designing and Building a Cybersecurity Program Based on the NIST Cybersecurity Framework (CSF) Larry Wilson lwilson@umassp.edu ISACA Breakfast Meeting January, 2016 Designing & Building a Cybersecurity
More informationMonthly Cyber Threat Briefing
Monthly Cyber Threat Briefing January 2016 1 Presenters David Link, PM Risk and Vulnerability Assessments, NCATS Ed Cabrera: VP Cybersecurity Strategy, Trend Micro Jason Trost: VP Threat Research, ThreatStream
More informationToday s cyber threat landscape is evolving at a rate that is extremely aggressive,
Preparing for a Bad Day The importance of public-private partnerships in keeping our institutions safe and secure Thomas J. Harrington Today s cyber threat landscape is evolving at a rate that is extremely
More informationCYBERSECURITY MATURITY ASSESSMENT
CYBERSECURITY MATURITY ASSESSMENT ANTICIPATE. IMPROVE. PREPARE. The CrowdStrike Cybersecurity Maturity Assessment (CSMA) is unique in the security assessment arena. Rather than focusing solely on compliance
More informationCyber Security Summit 2014 USCENTCOM Cybersecurity Cooperation
Cyber Security Summit 2014 USCENTCOM Cybersecurity Cooperation COL Michael R. Corpening Deputy Chief, Operations Division (CCJ6-O) 1 December 2014 The overall classification of this brief is UNCLASSIFIED
More informationSOLUTION BRIEF RSA NETWITNESS SUITE 3X THE IMPACT WITH YOUR EXISTING SECURITY TEAM
SOLUTION BRIEF RSA NETWITNESS SUITE 3X THE IMPACT WITH YOUR EXISTING SECURITY TEAM OVERVIEW The Verizon 2016 Data Breach Investigations Report highlights that attackers are regularly outpacing the defenders.
More informationImplementing the Administration's Critical Infrastructure and Cybersecurity Policy
Implementing the Administration's Critical Infrastructure and Cybersecurity Policy Cybersecurity Executive Order and Critical Infrastructure Security & Resilience Presidential Policy Directive Integrated
More informationFFIEC Cyber Security Assessment Tool. Overview and Key Considerations
FFIEC Cyber Security Assessment Tool Overview and Key Considerations Overview of FFIEC Cybersecurity Assessment Tool Agenda Overview of assessment tool Review inherent risk profile categories Review domain
More informationCyber Resilience - Protecting your Business 1
Cyber Resilience - Protecting your Business 1 2 Cyber Resilience - Protecting your Business Cyber Resilience - Protecting your Business 1 2 Cyber Resilience - Protecting your Business Cyber Resilience
More informationThe NIST Cybersecurity Framework
The NIST Cybersecurity Framework U.S. German Standards Panel 2018 April 10, 2018 Adam.Sedgewick@nist.gov National Institute of Standards and Technology About NIST Agency of U.S. Department of Commerce
More informationCybersecurity, safety and resilience - Airline perspective
Arab Civil Aviation Commission - ACAC/ICAO MID GNSS Workshop Cybersecurity, safety and resilience - Airline perspective Rabat, November, 2017 Presented by Adlen LOUKIL, Ph.D CEO, Resys-consultants Advisory,
More informationDATA SHEET RSA NETWITNESS PLATFORM PROFESSIONAL SERVICES ACCELERATE TIME-TO-VALUE & MAXIMIZE ROI
DATA SHEET RSA NETWITNESS PLATFORM PROFESSIONAL SERVICES ACCELERATE TIME-TO-VALUE & MAXIMIZE ROI EXECUTIVE SUMMARY The shortage of cybersecurity skills Organizations continue to face a shortage of IT skill
More informationHow Boards use the NIST Cybersecurity Framework as a Roadmap to oversee cybersecurity
How Boards use the NIST Cybersecurity Framework as a Roadmap to oversee cybersecurity Why is the NIST framework important? GOH Seow Hiong Executive Director, Global Policy & Government Affairs, Asia Pacific
More informationArcGIS Solutions for Community Resilience. Matthew S Deal
ArcGIS Solutions for Community Resilience Matthew S Deal Solutions Overview Leverage hundreds of ready-to-use maps, apps, and platform configurations to meet your needs, delivering innovation and best
More information