United States Coast Guard Office of Port and Facility Compliance (CG-FAC) Cybersecurity and the Marine Transportation System.


Overview
- Coast Guard Cyber Strategy
- Cyber Framework (CSF)
- What does it mean for Industry?
- Cyber Suspicious Activity/Cyber Incident Reporting
- Cyber Resources
- Q & A

USCG Cyber Strategy
USCG Cyber Strategy has three parts:
- Computer Network Defense
- Decision Advantage
- MTS Cyber

USCG Cyber Strategy
MTS Cyber incorporates cyber aspects across USCG missions:
- Assessments
- Standards
- Response

Cyber Framework (CSF)
CSF consists of established and widely accepted IT industry:
- Standards
- Guidelines
- Best Practices
Adoption is NOT mandatory, but PROMOTED by USCG.
Requires interface between Operations and IT leadership and management to effectively adopt.
CSF adoption occurs when an organization uses the framework as a key part of its systematic process to ID, assess, prioritize, and/or communicate cyber risk.

CSF Adoption Tools
Cyber security Assessment Tools

- Cyber Resiliency Review (CRR) is a DHS assessment tool that measures the implementation of key cyber security capacities and capabilities. The goal of the CRR is to ensure that core process-based capabilities exist, are measurable, and are meaningful as predictors for an organization's ability to manage cyber risk. For more information about the CRR, contact the DHS Computer Evaluation Program (CSEP) at CSE@dhs.gov.

- Cybersecurity Capability Maturity Model (C2M2) is a self-administered or facilitated mechanism to evaluate, prioritize, and improve cyber security capabilities. The model enables organizations to score their cyber security practices against the model process. Scores are used to determine risk tolerance for each domain and influence organizational efforts to improve scoring, thus improving cyber security. This model is based on the electricity subsector's model. Coast Guard is working with the Dept of Energy to retool the model for the maritime industry.

- Cybersecurity Evaluation Tool (CSET) is a desktop software tool that guides users through a step-by-step process for basic assessment of the cyber security posture of their industrial control system and enterprise information technology networks. CSET is available for download or in DVD format. To learn more or download a copy, visit http://www.us-cert.gov/control_systems/satool.html. To obtain a DVD copy, send an e-mail with your mailing address to CSET@dhs.gov.

What does this mean to industry?
Recommends:
- Weigh cyber risks into assessments
- Take advantage of the tools that are available to you
- Make your concerns known to the Coast Guard and DHS
- Stay proactive!

Cyber Suspicious Activity/Incident Reporting & Mitigation
- Report cyber suspicious activity and security incidents (breaches of security) to the NRC at www.nrc.uscg.mil or 800-424-8802.
- Reporting is REQUIRED for incidents meeting the definition in 33 CFR 101.305.
- Industry can seek assistance from US-CERT or ICS-CERT for reducing the opportunity for & mitigating cyber attacks.

USCG - MTS Cyber Questions? cybermts@uscg.mil