Homeland Security Perspectives: Oregon Fire District Directors Association October 25, 2018

Size: px

Start display at page:

Download "Homeland Security Perspectives: Oregon Fire District Directors Association October 25, 2018"

Beryl Harris
5 years ago
Views:

1 Perspectives: Oregon Fire District Directors Association October 25, 2018 Ronald D. Watters Jr M.Ed GSLC Cybersecurity Advisor Region X Stakeholder Engagement and Cyber Infrastructure Resilience (SECIR) Cybersecurity and Communications (CS&C)

2 Cybersecurity Advisor (CSA) Program The CSA Mission: To provide direct coordination, outreach, and regional support and assistance in the protection of cyber components essential to the Nation s Critical Infrastructure. In service of this mission, CSAs are guided by the following goals: Assess: Assess critical infrastructure cyber risk. Promote: Promote best practices and risk mitigation strategies. Build: Initiate, build capacity, and support cyber communities-ofinterest and working groups. Educate: Educate and raise awareness. Listen: Collect stakeholder requirements. Coordinate: Coordinate incident support and lessons-learned.

3 Critical Infrastructure (CI) Sectors

4 What Is Cyber Resilience? the ability to prepare for and adapt to changing conditions and withstand and recover rapidly from disruptions. Resilience includes the ability to withstand and recover from deliberate attacks, accidents, or naturally occurring threats or incidents - Presidential Policy Directive PPD 21 February 12, 2013 Protect () Perform (Capability) Sustain (Continuity) Repeat (Maturity)

5 Critical Questions for Consideration

6 Some Critical Cybersecurity Questions: How do you measure if your cybersecurity efforts are going well?

7 Some Critical Cybersecurity Questions: How do you measure if your cybersecurity efforts are going well? Do you plan your cybersecurity activities?

8 Some Critical Cybersecurity Questions: How do you measure if your cybersecurity efforts are going well? Do you plan your cybersecurity activities? Do you adhere to a cybersecurity standard of practice? Is your system accredited? Is the Accreditation reviewed regularly?

9 Some Critical Cybersecurity Questions: How do you measure if your cybersecurity efforts are going well? Do you plan your cybersecurity activities? Do you adhere to a cybersecurity standard of practice? Is your system accredited? Is the Accreditation reviewed regularly? Who is responsible and accountable for cybersecurity? Are they measuring and managing the effort?

10 Some Critical Cybersecurity Questions: What s at risk? Have you identified the potential consequences if your systems are compromised? Is your system scalable?

11 Some Critical Cybersecurity Questions: What s at risk? Have you identified the potential consequences if your systems are compromised? Is your system scalable? Have you planned for cyber incident management and exercised that plan?

12 Some Critical Cybersecurity Questions: What s at risk? Have you identified the potential consequences if your systems are compromised? Is your system scalable? Have you planned for cyber incident management and exercised that plan? Can you sustain operations of critical processes following a significant cyber incident?

13 Analysis Paralysis PSUEDO Medical term for Brain Freeze when faced with multiple critical projects or objectives leading to failure to complete any. Take one item at a time and complete it, chip away at the problem one step at a time. Advantage is that you can show progress completing tasks Disadvantage is that it takes more planning and time. Plan and Budget for ongoing projects You are not going to be able to complete major infrastructure projects quickly, so plan and prepare. Convene a Configuration Change Management meeting to discuss and have plan approved far in advance of actual commencement of work. Move expensive portions to the next Fiscal year and budget for them. 13

14 Cybersecurity Offerings for CIKR and SLTT National Cybersecurity and Communications Integration Center (NCCIC) Operations US-CERT/ ICS-CERT Operations Cyber Threat Hunting and Incident Response Teams National Cyber Assessments and Technical Services (NCATS) Risk and Vulnerability Assessments (RVAs) Phishing Campaign Assessments (PCA) Vulnerability Scanning Industrial Control Systems (ICS) Evaluations Cyber Evaluation Tool (CSET ) Cyber Threat Detection and Analysis Cyber Exercises Malware Analysis National Cyber Awareness System Publications and Communications Stakeholder Engagement Cyber Infrastructure Resilience (SECIR) Cyber Education and Awareness Federal Virtual Training Environment (Fed VTE) National Initiative for Cybersecurity Careers and Studies (NICCS) Stop.Think.Connect. Partnership and Engagements State, Local, Tribal, and Territorial (SLTT) engagements Critical Infrastructure Cyber Community Voluntary Program (C3VP) Stakeholder Risk Assessment and Mitigations- Cybersecurity Advisors (CSA) Cyber Resilience Reviews (CRR ) External Dependency Management (EDM) Assessments Cyber Infrastructure Surveys

15 Contact Information Incident Response and Information Sharing Ronald Watters Cybersecurity Advisor Region X Seattle, WA ncciccustomerservice@hq.dhs.gov General Inquiries cyberadvisor@hq.dhs.gov Contact Information Ronald.watters@hq.dhs.gov (206) Department of National Protection and Programs Directorate Office of Cybersecurity and Communications Stakeholder Engagement and Cyber Infrastructure Resilience Stakeholder Risk Assessment and Mitigation

16 The Last Slide Questions? 16

DHS Cybersecurity Services and Resources

DHS Cybersecurity Services and Resources September 18 th, 2018 Harley D. Rinerson Chief of Operations Central U.S. Cyber Advisor Program Cybersecurity Advisor Program Department of Agenda Cyber Advisor