RCA and APM Update. Latetia Henderson, APM Austin Gould, RCA Keith Goll, RCA
Transcription
1 RCA and APM Update Latetia Henderson, APM Austin Gould, RCA Keith Goll, RCA
2 Non-Materiel Materiel Capability Lifecycle RCA functions primarily in the early stages of capability development and acts as the Lead Business Authority (LBA) to validate that the user's need is met. RCA Functions (Primary) RCA Secondary/LBA Functions Capability Analysis Capability Analysis Report Mission Need Statement Concept of Operations Operational Requirements Document Detailed Specification Capability Developed Capability Fielded (Asset/System) Post Implementation Review Operational Analysis Asset/System APM Secondary/Key Stakeholder APM Functions (Primary) Technology Innovation and Demonstrations Responsible Office Secondary/Key Stakeholder Responsible Office Functions (Primary) Materiel Solutions: APM executes the acquisition program. RCA, as the LBA, acts as the primary end-user advocate of the capability throughout ALF activities. Non-Materiel Solutions: RCA works with the responsible Office to address the capability gap (e.g., Training, procedures, policy, etc.)
3 APM Overview APM delivers innovative capabilities to support Transportation Security Officers in the field and drive TSA's mission to secure the Nation's transportation systems. Test and Evaluation Division Technology Infrastructure Modernization Program Division Mission Support Division APM At a Glance Acquisition Management Functional Division APM Deployment and Logistics Division Consists of over 160 employees in seven divisions Acquisition Management Outreach Division Checked Baggage Technologies Division Checkpoint Solutions and Integration Division Manage TSA's Level 1, 2, and 3 acquisition programs, including: Set performance requirements for Transportation Security Equipment (TSE) Test, qualify, deploy, and manage the deployed TSE fleet Provide test and evaluation services to DHS stakeholders Conduct independent analyses of acquisition programs to provide assessment and recommendations to the Component Acquisition Executive (CAE) Develop, implement, and maintain the agency's cost estimation capability for acquisition programs Manages approx. $1B in acquisition program funds Checked Baggage Technologies Division (CBTD) Mission Scheduling and Notification System (MSNS) Checkpoint Solutions and Integration Division (CSID) Modernization, Performance Management Information System (PMIS) Maintains a fleet of over 14,000 deployed TSE Security Technology Integrated Program (STIP) Technology Infrastructure Modernization Program (TIM) Provides Acquisition Directive expertise to program managers
4 RCA Overview Perform gap analysis. Develop requirements to close identified gaps. Develop and enhance capabilities. Serve as the lead business authority for the agency. Provide decision making support to TSA. Manages $124M portfolio Employs 100 full time employees Completed more than 15 pilots and demonstrations across Aviation and Intermodal Security spaces Completed 64 reviews & 15 technical documents for DHS as TSA's requirements development shop and JRC gatekeeper
5 RCA Recent Successes Enhanced Accessible Property Screening Pilot yielded 156% detection improvement Computed Tomography 15 deployed by end of calendar year Biometrics 5 Biometric pilots at 5 airports Signed joint memo with CBP Threat Response PEDs Powders Innovation Demonstrations ASL lanes at 14 airports BAA - identified over 175 innovative solutions Detection Standards 6 created/updated/managed (APSS, AIT, EDS, ETD, BLS, and EMD) Detection at Range (DaR) Tested with >10 mass transit end users over past 2 years Enables law enforcement to identify concealed objects
6 APM FY18 Initiatives APM's ultimate goal is to implement a dynamic and adaptable communications infrastructure that facilitates the transfer of data between TSE, TSA Data Centers, and TSA Operational Stakeholders. Connectivity Security Technology Integrated Program (STIP) creates a web of interconnected TSE that ties back to a centralized control point. STIP will use DOMAIN to develop and deploy the endpoint connectivity solution, and will secure the endpoint with a combination of software (firewalls) and secure system architecture. Credential Authentication Technology CAT provides enhanced tools in one machine to enable the ability to detect real, fake, counterfeit, and fraudulent IDs, at a cost efficient price. CAT relies on network connection to Secure Flight (SF) via STIP to receive passenger flight and vetting information. Lease vs Buy Analysis Cybersecurity Working with key stakeholders to define Federal Information Security Management Act (FISMA) boundaries and applicable cyber requirements, obtain Authority to Operate (ATO) and manage compliance, and ensure all procurement packages through the Information Technology Acquisition Review (ITAR) process Computed Tomography In order to address emerging and evolving threats, TSA is committed to rapidly developing and deploying CT to the checkpoint. The end goal of this effort is an eventual replacement of all ATs with CTs. TSA is exploring new acquisition approaches to more quickly and efficiently deploy TSE while increasing the pace of security innovation, enhancing operations, and improving customer experience. Security Customer Experience Operations
7 RCA FY18 Initiatives APSS Development Risk Analysis Expand Capability Requirements Innovation Demos System Architecture Biometrics Mature TSCAP International Engagement S&T Partnership
8 Notional APM FY19 Budget Landscape APM FY19 Budget Total*: $732M PC&B: $30M / 4% Maintenance: $282M / 39% Capital Fund $250M Maintenance $282M Other Transactional Agreements (OTAs) Checked Baggage Technology Procurements Includes carryover funds Checkpoint and Checked Baggage Maintenance Support OTAs: $96M Technology Procurements: $155M PSP Maintenance: $81M EBSP Maintenance: $200M Capital Fund: $250M / 34% Program Funding $170M PC&B $30M Checkpoint Technology Deployment Procurements STIP Maintenance/Pilots Algorithm Development and Professional & Engineering Technology Enhancements Contract Support Test and Evaluation Travel, Training, Supplies Program Funding: $170M / 23% Checked Baggage: $27M Checkpoint: $143M *Information presented may change based on final appropriations and/or TSA priorities
9 Traditional Barriers to Quicker Acquisition Focus Areas 1 Technology and Industry Limitations: Technology essentially a COTS product and not readily available to meet requirements without lengthy development cycles. Market share is often limited, restricting access to best available. 5 Workforce Proficiency: Much of acquisition workforce does not possess necessary experience (e.g. scheduling, subject matter expertise, IT, etc.). High attrition, vacancy rates, and low engagement compound issues. 2 Organizational Interdependencies: Integrated responsibilities with other offices (e.g. RCA, OTD, OSO, OIT, OSO) introduces risk and opportunities for confused lines of responsibility. 6 Reactive Nature: Program frequently in the position of catching up with operator/threat. Changing priorities/nice to haves frequently take precedence over identified needs (e.g. scope creep). 3 4 Fluid Enterprise Strategic Focus and Mission Needs: Changes to mission and strategic focus influences program level decision making and prioritization. Clear Functional Requirements: Successfully testing and making necessary trade-offs to deliver capability relies on a foundation of complete and straightforward requirements. Risk Averse: Challenge of balancing trade-offs for rapid action, innovation and risks (e.g. policy, cyber security, certification/operational testing, etc.) Complicated Governance: DHS oversight carries similar aversion to risk and with additional focus on process; interpretation of policy can limit flexibility. Technical Debt: Historical development/deployment/issues have created scar tissue that impedes future progress.
10 APPENDIX
11 TSAM Overview The TSAM tailors DHS acquisition policy to the specific needs of TSA, including opportunities for flexibility and methods of acceleration, by clearly defining a repeatable, transparent, end-to-end acquisition process that operates synchronously with TSA business processes and the Administrator's Intent. TSAM Structure Sections Acquisition Manual Intent R&Rs Phases Methods of Acceleration Processes/ Reviews Enclosure TSAM Value Aligns to Administrator's Intent 2.1: Improve the speed to decision and 2.2: Reduce the time to field solutions, through a repeatable end-to-end process Incorporates acquisition best practices from DHS AD-102, Coast Guard Major Systems Acquisitions Manual (MSAM), and CBP Program Lifecycle Process (PLP) Guide Implements Pre-Need Phase and ADE-0 to synchronize TSA's CIP, PPBE, RAP, capability gap identification/prioritization, and acquisition strategy to a calendar-driven basis with field input Fosters intelligent trade offs in risk through Methods of Acceleration such as agile project management, ALF IPTs, and IMS accelerators Provides a structured process to transition ITF demonstrations to a PoR that is AD-102 compliant and has organizational buy in from DHS PARM TSAM Implementation (six months to complete implementation) Championship TSAM: TSA Administrator Implementation: CAE, RCA/APM AAs TSA Business Process: CFO, CIO Ownership TSAM: CAE Implementation: RCA/APM DDs/Staff Accountability: Performance Plans Implementation Plan Singular Plan: CAE, RCA, APM Engagement: stakeholders not as recipients, but as invested participants
12 Emergent Acquisitions Working with PARM and using JIDO as a model, we designed a TSA-tailored Emergent Operational Need (EON) acquisition process to serve as a middle path between AD-102 and UON. Emergent Operational Need (EON) Acquisition Lifecycle Emergent Operational Need (EON): identified by the TRG, from intelligence or through developments in the field or in the transportation arena, which, if not addressed in a two-year timeframe, could lead to loss of life or become an urgent need. EON Request E1 Analyze and Select E2 Obtain Produce, Deploy, and Support As needed Six months 18 months One month One month EON Implementation Implementing the EON process would require: Approval of a TSA EON IPT to serve as a task force for EON analysis and development Expedient reviews by the JRC, PARM, DHS and TSA CFOs, an ARB, and the CAE Accepting risk in the form of minimum viable product (MVP) style acquisition documentation EON Execution Executing the EON process would result in: Improved speed to decision through increased leadership oversight and accelerated reviews Reduced time to field solutions through accelerated analysis and an empowered workforce Defining a middle path to acquisitions that is transferrable to the traditional AD-102 path
13 Connectivity APM's ultimate goal is to implement a dynamic and adaptable communications infrastructure that facilitates the transfer of data between TSE, TSA Data Centers, and TSA Operational Stakeholders. STIP Cybersecurity Security Technology Integrated Program (STIP) creates a web of interconnected TSE that ties back to a centralized control point, which allows for greater transparency and control over field operations, enhanced data flows, and increased automation. STIP will use DOMAIN to develop and deploy the endpoint connectivity solution, and will secure the endpoint with a combination of software (firewalls) and secure system architecture. STIP Future Deployment The Cyber Risk Framework supports APM's cybersecurity mission and goals via three domain areas: Secure: Enhance controls to protect against threats & comply with cybersecurity standards & regulations Vigilant: Detect violations & anomalies through better situational awareness across the environment Resilient: Establish the ability to quickly return to normal operations & repair damage to the business Phase 1: Pilot at IAD Implementation of National Institute of Standards and Technology (NIST) and DHS security controls allows TSEs to securely connect to the network. Technical security and process engineering supports secure endpoint deployment. Phase 1: Pilot at IAD Airport Phase 2: Extension to CAT X Airports Phase 3: Wide-Scale Deployments to US airports A cybersecure environment enables remote monitoring, diagnosing, and troubleshooting of TSE, which allows TSA to address equipment issues and manage configurations.
14 Credential Authentication Technology (CAT) and Computed Tomography (CT) CAT The current ability to detect REAL, fake, counterfeit, & fraudulent IDs relies on a manual process to authenticate various forms of ID presented by passengers, airport/airline personnel, and officers at security checkpoints or exit lanes. CT In order to address emerging and evolving threats, TSA is committed to rapidly developing and deploying CT to the checkpoint. The end goal of this effort is an eventual replacement of all ATs with CTs. CAT provides those enhanced tools in one machine, at a cost efficient price. CAT relies on network connection to Secure Flight (SF) via STIP to receive passenger flight and vetting information. CAT enhances the TSO's ability to: Accurately verify passengers' identity documents (ID) Accurately validate passengers' flight reservation status Accurately verify Secure Flight passenger's vetting status Timeline: ADE-2A in FY19Q2 to support beginning of deployment in FY19Q3 for Pre-Check TSA is pursuing a dual-track approach to field CT systems by FY 2019 and to enable CT systems to achieve a higher Accessible Property Screening System (APSS) detection standard. Short-term strategy: Executing the AT/CT project under the Advanced Technology (AT) program Conducting qualification testing (QT) in Q3 and operational testing (OT) in Q4 FY18 Long-term strategy: Standing-up a separate APS Program to work towards an improved algorithm, connectivity, and full cyber protections, and seek ADE-2a by Q2FY19
15 Lease Versus Buy Analysis Objectives TSA is exploring new acquisition approaches to more quickly and efficiently deploy TSE while increasing the pace of security innovation, enhancing operations, and improving customer experience. Security Customer Experience Operations Approach Engage airlines, airports, vendors, and potential third-party financing providers to more fully understand: Current market options for leasing arrangements and their implications Environmental or policy barriers and high-level mitigation options Develop a quantitative cost and qualitative benefits case for arrangements (including incentives and parameters) suited to specific TSE types
17 RCA Future State ACCOMPLISHMENTS Where we are today? FUTURE FOCUS Where we are going? INDUSTRY NEEDS How industry can help? Computed Tomography (CT) development Finalize TSA Biometrics Strategy Raise Global Security Baseline with emerging threats Develop, test, and deploy checkpoint CT Implement System Architecture Create Identity Verification roadmap to guide TSA investments Improve technology transitions and acquisitions processes Mature requirements development processes to create testable, detailed requirements Provide technical expertise Grow organizational risk assessment capabilities Improve capability development and analysis Mature existing gap analysis processes Provide system engineering support
More informationTSA/FTA Security and Emergency Management Action Items for Transit Agencies
TSA/FTA Security and Emergency Management Action Items for Transit Agencies AACTION ITEM LIST Management and Accountability 1. Establish Written System Security Programs and Emergency Management Plans:
More informationThe new cybersecurity operating model
The new cybersecurity operating model Help your organization become more resilient and reach its business goals. 1 slalom.com Struggling to meet security goals While the digital economy is providing major
More informationRethinking Cybersecurity from the Inside Out
Rethinking Cybersecurity from the Inside Out An Engineering and Life Cycle-Based Approach for Building Trustworthy Resilient Systems Dr. Ron Ross Computer Security Division Information Technology Laboratory
More informationWritten Statement of. Timothy J. Scott Chief Security Officer The Dow Chemical Company
Written Statement of Timothy J. Scott Chief Security Officer The Dow Chemical Company Representing The Dow Chemical Company and the American Chemistry Council To the United States Senate Committee on Homeland
More informationEnhancing the Cybersecurity of Federal Information and Assets through CSIP
TECH BRIEF How BeyondTrust Helps Government Agencies Address Privileged Access Management to Improve Security Contents Introduction... 2 Achieving CSIP Objectives... 2 Steps to improve protection... 3
More informationUNCLASSIFIED. FY 2016 Base FY 2016 OCO
Exhibit R-2, RDT&E Budget Item Justification: PB 2016 Office of the Secretary Of Defense Date: February 2015 0400: Research, Development, Test & Evaluation, Defense-Wide / BA 2: COST ($ in Millions) Prior
More informationDemystifying GRC. Abstract
White Paper Demystifying GRC Abstract Executives globally are highly focused on initiatives around Governance, Risk and Compliance (GRC), to improve upon risk management and regulatory compliances. Over
More informationMitigation Framework Leadership Group (MitFLG) Charter DRAFT
Mitigation Framework Leadership Group (MitFLG) Charter DRAFT October 28, 2013 1.0 Authorities and Oversight The Mitigation Framework Leadership Group (MitFLG) is hereby established in support of and consistent
More informationCYBERSECURITY FOR STARTUPS AND SMALL BUSINESSES OVERVIEW OF CYBERSECURITY FRAMEWORKS
CYBERSECURITY FOR STARTUPS AND SMALL BUSINESSES OVERVIEW OF CYBERSECURITY FRAMEWORKS WILLIAM (THE GONZ) FLINN M.S. INFORMATION SYSTEMS SECURITY MANAGEMENT; COMPTIA SECURITY+, I-NET+, NETWORK+; CERTIFIED
More informationHPH SCC CYBERSECURITY WORKING GROUP
HPH SCC A PRIMER 1 What Is It? The cross sector coordinating body representing one of 16 critical infrastructure sectors identified in Presidential Executive Order (PPD 21) A trust community partnership
More informationIMPROVING CYBERSECURITY AND RESILIENCE THROUGH ACQUISITION
IMPROVING CYBERSECURITY AND RESILIENCE THROUGH ACQUISITION Briefing for OFPP Working Group 19 Feb 2015 Emile Monette GSA Office of Governmentwide Policy emile.monette@gsa.gov Cybersecurity Threats are
More informationSan Francisco Chapter. What an auditor needs to know
What an auditor needs to know Course Objectives Understand what a data center looks and feels like Know what to look for in a data center and what questions to ask Deepening understanding of controls that
More informationINFORMATION ASSURANCE DIRECTORATE
National Security Agency/Central Security Service INFORMATION ASSURANCE DIRECTORATE Digital Policy Management consists of a set of computer programs used to generate, convert, deconflict, validate, assess
More informationRSA Solution Brief. The RSA Solution for Cloud Security and Compliance
The RSA Solution for Cloud Security and Compliance The RSA Solution for Cloud Security and Compliance enables enduser organizations and service providers to orchestrate and visualize the security of their
More informationTRIAEM LLC Corporate Capabilities Briefing
TRIAEM LLC Corporate Capabilities Briefing 3/4/ 1 CORPORATE OVERVIEW CORPORATE VALUES MISSION STATEMENT SERVICES WORKFORCE EXPERIENCE CORPORATE CONTACTS 3/4/ 2 CORPORATE OVERVIEW TRIAEM is certified through
More informationBuilding a BC/DR Control Library and Regulatory Response Program
Building a BC/DR Control Library and Regulatory Response Program David Garland, Senior Director, Disaster Recovery & Regulatory Compliance, Business Continuity Management CME Group Regulatory Compliance
More informationU.S. Japan Internet Economy Industry Forum Joint Statement October 2013 Keidanren The American Chamber of Commerce in Japan
U.S. Japan Internet Economy Industry Forum Joint Statement 2013 October 2013 Keidanren The American Chamber of Commerce in Japan In June 2013, the Abe Administration with the support of industry leaders
More informationLegal and Regulatory Developments for Privacy and Security
Legal and Regulatory Developments for Privacy and Security Rodney Petersen Government Relations Officer and Director of EDUCAUSE Cybersecurity Initiative Overview Context for Federal Policy Policy Directions
More informationSTRATEGIC PLAN. USF Emergency Management
2016-2020 STRATEGIC PLAN USF Emergency Management This page intentionally left blank. Organization Overview The Department of Emergency Management (EM) is a USF System-wide function based out of the Tampa
More informationTest and Evaluation in the Department of Homeland Security
Test and Evaluation in the Department of Homeland Security 7 October 2014 Dr. Steven J Hutchison Director, Test and Evaluation Acting Director, Acquisition Support and Operations Analysis Department of
More informationNW NATURAL CYBER SECURITY 2016.JUNE.16
NW NATURAL CYBER SECURITY 2016.JUNE.16 ADOPTED CYBER SECURITY FRAMEWORKS CYBER SECURITY TESTING SCADA TRANSPORT SECURITY AID AGREEMENTS CONCLUSION QUESTIONS ADOPTED CYBER SECURITY FRAMEWORKS THE FOLLOWING
More informationcybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services
Enhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services European Union Agency for Network and Information Security Securing Europe s Information society 2
More informationLeveraging the LincPass in USDA
Leveraging the LincPass in USDA Two Factor Authentication, Digital Signature, Enterprise VPN, eauth Single Sign On February 2010 USDA Takes Advantage of the LincPass USDA is taking advantage of the LincPass
More informationFive-Year Strategic Plan
Five-Year Strategic Plan 2016 2020 Contents A Message from the ERIS Board... 3 Introduction and Background... 4 Five-Year Plan Goal Areas... 7 Goal Area 1: State Environmental Agency Research Needs and
More informationMITIGATE CYBER ATTACK RISK
SOLUTION BRIEF MITIGATE CYBER ATTACK RISK CONNECTING SECURITY, RISK MANAGEMENT & BUSINESS TEAMS TO MINIMIZE THE WIDESPREAD IMPACT OF A CYBER ATTACK DIGITAL TRANSFORMATION CREATES NEW RISKS As organizations
More informationWhat It Takes to be a CISO in 2017
What It Takes to be a CISO in 2017 Doug Copley Deputy CISO Sr. Security & Privacy Strategist February 2017 IMAGINE You re the CISO In Bangladesh Of a bank On a Friday when you re closed You realize 6 huge
More informationFederal Aviation Administration. FTI-2 Update. Prepared for: Program Manager Date: December 8, 2016
Prepared for: Presented by: ITPA Joe Lahoud, FTI-2 Program Manager Date: Topics Background Contractual perspective Scope of services Overview of Recent Activities Next Steps FTI-2 Planning Dates 2 Background
More informationDepartment of Homeland Security Science and Technology Directorate
Department of Homeland Security Science and Technology Directorate Overview Presented to the Transportation Research Board Infrastructure and Geophysical Division Science and Technology Directorate Department
More informationCyber Security in Timothy Brown Dell Fellow and CTO Dell Security
Cyber Security in 2016 Timothy Brown Dell Fellow and CTO Dell Security 2016 The middle of a perfect storm Technology Driving Innovation Advanced Adversaries Limited Resources Dell Secureworks Underground
More informationUNCLASSIFIED FY 2016 OCO. FY 2016 Base
Exhibit R-2, RDT&E Budget Item Justification: PB 2016 Office of the Secretary Of Defense Date: February 2015 0400: Research, Development, Test & Evaluation, Defense-Wide / BA 3: Advanced Technology Development
More informationT&E Workforce Development
T&E Workforce Development 2016 ITEA Cyber Security Workshop Mr. Thomas W. Simms Deputy Director, T&E Competency & Development Deputy Assistant Secretary of Defense (DT&E) March 17, 2016 Agenda Policy Overview
More informationNERC CIP VERSION 6 BACKGROUND COMPLIANCE HIGHLIGHTS
NERC CIP VERSION 6 COMPLIANCE BACKGROUND The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Reliability Standards define a comprehensive set of requirements
More informationFederal Mobility: A Year in Review
Federal Mobility: A Year in Review Link: https://www.dhs.gov/csd-mobile Link: https://www.dhs.gov/publication/csd-mobile-device-security-study Vincent Sritapan Cyber Security Division Science and Technology
More informationWhite Paper. View cyber and mission-critical data in one dashboard
View cyber and mission-critical data in one dashboard Table of contents Rising cyber events 2 Mitigating threats 2 Heighten awareness 3 Evolving the solution 5 One of the direct benefits of the Homeland
More information