DHS Cybersecurity. Election Infrastructure as Critical Infrastructure. June 2017

Similar documents
DHS Cybersecurity: Services for State and Local Officials. February 2017

Testimony. Christopher Krebs Director Cybersecurity and Infrastructure Security Agency U.S. Department of Homeland Security FOR A HEARING ON

Election Infrastructure Security: The How and Why of It

Critical Infrastructure Sectors and DHS ICS CERT Overview

Implementing the Administration's Critical Infrastructure and Cybersecurity Policy

The Office of Infrastructure Protection

Department of Homeland Security Updates

June 5, 2018 Independence, Ohio

Statement for the Record

Critical Infrastructure Partnership

ISAO SO Product Outline

DHS Election Task Force Updates. Geoff Hale, Elections Task Force

Cybersecurity Presidential Policy Directive Frequently Asked Questions. kpmg.com

Dr. Emadeldin Helmy Cyber Risk & Resilience Bus. Continuity Exec. Director, NTRA. The African Internet Governance Forum - AfIGF Dec 2017, Egypt

Office of Infrastructure Protection Overview

NATIONAL STRATEGY FOR GLOBAL SUPPLY CHAIN SECURITY

Managing IT & Election Systems. U.S. Election Assistance Commission 1

THE WHITE HOUSE. Office of the Press Secretary. EMBARGOED UNTIL DELIVERY OF THE PRESIDENT'S February 12, 2013 STATE OF THE UNION ADDRESS

Information Governance, the Next Evolution of Privacy and Security

Quadrennial Homeland Security Review (QHSR) Ensuring Resilience to Disasters

HPH SCC CYBERSECURITY WORKING GROUP

PIPELINE SECURITY An Overview of TSA Programs

NATIONAL DEFENSE INDUSTRIAL ASSOCIATION Homeland Security Symposium

The Office of Infrastructure Protection

National Policy and Guiding Principles

Federal Civilian Executive branch State, Local, Tribal, Territorial government (SLTT) Private Sector (PS) Unclassified / Business Networks

U.S. Department of Homeland Security Office of Cybersecurity & Communications

Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure

The Office of Infrastructure Protection

Greg Garcia President, Garcia Cyber Partners Former Assistant Secretary for Cyber Security and Communications, U.S. Department of Homeland Security

Implementing Executive Order and Presidential Policy Directive 21

Panelists. Moderator: Dr. John H. Saunders, MITRE Corporation

STRENGTHENING THE CYBERSECURITY OF FEDERAL NETWORKS AND CRITICAL INFRASTRUCTURE

The NIST Cybersecurity Framework

Critical Infrastructure Protection (CIP) as example of a multi-stakeholder approach.

FEMA Region III Cyber Security Program

Medical Device Cybersecurity: FDA Perspective

CYBERSECURITY. Protecting Against the Financial, Regulatory and Reputational Impacts of Cyber Attack

Cybersecurity and Hospitals: A Board Perspective

Bradford J. Willke. 19 September 2007

Cyber Security & Homeland Security:

Welcome to the CyberSecure My Business Webinar Series We will begin promptly at 2pm EDT All speakers will be muted until that time

Monthly Cyber Threat Briefing

An Overview of DHS s Role and Missions. James McCament Chief of Legislative Affairs, USCIS

ICS-CERT Year in Review. Industrial Control Systems Cyber Emergency Response Team

COUNTERING IMPROVISED EXPLOSIVE DEVICES

ICBA Summary of FFIEC Cybersecurity Assessment Tool (May 2017 Update)

Executive Order on Coordinating National Resilience to Electromagnetic Pulses

Cyber Risks in the Boardroom Conference

Critical Infrastructure Protection and Suspicious Activity Reporting. Texas Department of Public Safety Intelligence & Counterterrorism Division

The Office of Infrastructure Protection

UNCLASSIFIED. National and Cyber Security Branch. Presentation for Gridseccon. Quebec City, October 18-21

THE WHITE HOUSE. Office of the Press Secretary EXECUTIVE ORDER

Federal Information Sharing Resources for Small and Midsize Businesses

THE WHITE HOUSE Office of the Press Secretary EXECUTIVE ORDER

Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure

SECURITY CODE. Responsible Care. American Chemistry Council. 7 April 2011

Standing Together for Financial Industry Resilience Quantum Dawn 3 After-Action Report. November 19, 2015

Private Sector Clearance Program (PSCP) Webinar

CYBER RESILIENCE & INCIDENT RESPONSE

National Preparedness System (NPS) Kathleen Fox, Acting Assistant Administrator National Preparedness Directorate, FEMA April 27, 2015

Cybersecurity A Regulatory Perspective Sara Nielsen IT Manager Federal Reserve Bank of Kansas City

DHS Cybersecurity Services and Resources

Grid Security & NERC. Council of State Governments. Janet Sena, Senior Vice President, Policy and External Affairs September 22, 2016

Cybersecurity for the Electric Grid

DHS Supply Chain Activity: Cross-Sector Supply Chain Working Group and Strategy on Global Supply Chain Security

CSIRT in general CSIRT Service Categories Reactive Services Proactive services Security Quality Management Services CSIRT. Brmlab, hackerspace Prague

Cybersecurity Overview

2 nd Cybersecurity Workshop Test and Evaluation to Meet the Advanced Persistent Threat

The Office of Infrastructure Protection

Overview of the Federal Interagency Operational Plans

The Office of Infrastructure Protection

ISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002

California Cybersecurity Integration Center (Cal-CSIC)

MANAGING CYBER RISK: THE HUMAN ELEMENTS OF CYBERSECURITY

Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013

STRATEGY ATIONAL. National Strategy. for Critical Infrastructure. Government

Grid Security & NERC

2014 Sector-Specific Plan Guidance. Guide for Developing a Sector-Specific Plan under NIPP 2013 August 2014

Mission: Continuity BUILDING RESILIENCE AGAINST UNPLANNED SERVICE INTERRUPTIONS

March 21, 2016 MEMORANDUM FOR THE HEADS OF EXECUTIVE DEPARTMENTS AND AGENCIES. Building National Capabilities for Long-Term Drought Resilience

ISAO U.S. Government Relations, Programs, and Services

Cybersecurity for Health Care Providers

How Cybersecurity Initiatives May Impact Operators. Ross A. Buntrock, Partner

American Association of Port Authorities Port Security Seminar & Expo Cyber Security Preparedness and Resiliency in the Marine Environment

December 10, Statement of the Securities Industry and Financial Markets Association. Senate Committee on Banking, Housing, and Urban Development

Global cybersecurity and international standards

U.S. Customs and Border Protection Cybersecurity Strategy

10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS

Jeff Marron, IT Specialist Security National Institute of Standards and Technology (NIST)

Water Information Sharing and Analysis Center

Presidential Documents

Defending Our Digital Density.

Critical Infrastructure Resilience

New York Cybersecurity. New York Cybersecurity. Requirements for Financial Services Companies (23NYCRR 500) Solution Brief

The Office of Infrastructure Protection

Emergency Support Function #2 Communications Annex INTRODUCTION. Purpose. Scope. ESF Coordinator: Support Agencies: Primary Agencies:

BUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE

2016 Nationwide Cyber Security Review: Summary Report. Nationwide Cyber Security Review: Summary Report

Control Systems Cyber Security Awareness

Transcription:

DHS Cybersecurity Election Infrastructure as Critical Infrastructure June 2017

Department of Homeland Security Safeguard the American People, Our Homeland, and Our Values Homeland Security Missions 1. Prevent Terrorism and Enhance Security 2. Secure and Manage Our Borders 3. Enforce and Administer Our Immigration Laws 4. Safeguard and Secure Cyberspace 5. Strengthen National Preparedness and Resilience Our work provides a holistic risk management approach for the 16 critical infrastructure sectors with unique legal authorities supporting true private public collaboration We support State and local governments, Federal partners, and private sector owners and operators in the management of their cyber and physical risk Presenter s Name June 17, 2003 2

DHS and Election Security Ensuring Election Officials Receive Benefits DHS s mission to assist state and local officials in strengthen the security of their networks has established trusted relationships between DHS and state and local CIOs and CISOs. DHS has provided numerous no-cost, voluntary cybersecurity services to these officials. As state and local officials, election officials are eligible for all of the same benefits and services. In the course of outreach, we learned that in many states, election officials were not aware of nor benefiting from these services. DHS has since made a concerted effort to reach out to the election community. DHS services are available only upon request, and are voluntary; they do not entail regulation or binding directives of any kind Presenter s Name June 17, 2003 3

Free DHS Cybersecurity Services DHS Services Summary Cyber Hygiene Scanning Risk and Vulnerability Assessment Cyber Resilience Reviews Phishing Campaign Assessment NCCIC/ MS-ISAC Security Tips, Alerts, and Information Sharing Cyber Security Advisors & Protective Security Advisors NCCIC/ MS ISAC Incident Management Automated, recurring scans of internet facing systems to identify public facing vulnerabilities and configuration errors. This service provides the adversary view of your networks Penetration testing Social engineering Wireless access discovery Database scanning Operating system scanning Policy oriented review of an organization s information security practices Longer term engagement testing an organization s aptitude for handling and addressing spearphishing attempts of various degrees of sophistication Provides alerts, analysis reports, bulletins, best practices, cyber threat indicators, guidance, points-of-contact, security tips, and technical documents to stakeholders Regionally located personnel who engage state and local governments, election crime coordinators, and vendors to offer immediate and sustained assistance, coordination, and outreach to prepare and protect from cyber and physical threats. 24x7 cybersecurity operations centers that maintained close coordination among the private sector, government officials, the intelligence community, and law enforcement to provide situational awareness and incident response, as appropriate. For more information on services, please email SLTTCyber@hq.dhs.gov Presenter s Name June 17, 2003 4

Social Engineering and Phishing Attacks Security Tip (ST04-014) https://www.us-cert.gov/ncas/tips/st04-014 In a social engineering attack, an attacker uses human interaction (social skills) to obtain or compromise information about an organization or its computer systems. An attacker may seem unassuming and respectable, possibly claiming to be a new employee, repair person, or researcher and even offering credentials to support that identity. However, by asking questions, he or she may be able to piece together enough information to infiltrate an organization's network. Phishing is a form of social engineering. Phishing attacks use email or malicious websites to solicit personal information by posing as a trustworthy organization. Phishing attacks may also appear to come from other types of organizations, such as charities. Attackers often take advantage of current events and certain times of the year, such as Natural Disasters Epidemics and Health Scares Economic Concerns Political Elections Presenter s Name June 17, 2003 5

Social Engineering and Phishing Attacks Security Tip (ST04-014) How do you avoid being a victim? Be suspicious of unsolicited phone calls, visits, or email messages from individuals asking about employees or other internal information. Do not reveal personal or financial information in email, and do not respond to email solicitations for this information. This includes following links sent in email. Don't send sensitive information over the Internet before checking a website's security. Pay attention to the URL of a website. Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain Install and maintain anti-virus software, firewalls, and email filters to reduce some of this traffic. Take advantage of any anti-phishing features with email client/ web browser. What do you do if you think you are a victim? If you believe you might have revealed sensitive information about your organization, report it to the appropriate people within the organization, including network administrators. They can be alert for any suspicious or unusual activity. If you believe your financial accounts may be compromised, contact your financial institution immediately and close any accounts that may have been compromised. Watch for any unexplainable charges to your account. Immediately change any passwords you might have revealed. If you used the same password for multiple resources, make sure to change it for each account, and do not use that password in the future. Watch for other signs of identity theft. Consider reporting the attack to the police, and file a report with the Federal Trade Commission. Presenter s Name June 17, 2003 6

2016 Election Cycle Known Incidents Investigation Information Sharing Analysis/Attribution Public reporting of incidents on two state systems Cyber Incidents identified on politically affiliated and private sector systems Investigations into incidents produce hundreds of Cyber Threat Indicators USG shares cyber threat indicators and States review network traffic; 20+ states find additional scanning and probing Some cyber threat indicators point to nation-state actors Threat actors appear to be targeting online VRDBs and election websites Security Services DHS provides incident response, best practices, and vulnerability management services, by request, to election officials, media, and private sector vendors Cyber Hygiene By request, DHS helped State and local governments identify and mitigate thousands of vulnerabilities to internet facing systems in advance of Election Day Coordination A critical infrastructure sector was established to improve the quality and timeliness of information provided to the election sector and provide priority for cybersecurity services At this time, we have no evidence of voting systems being targeted, impacted, or votes having been manipulated Presenter s Name June 17, 2003 7

Election Infrastructure as Critical Infrastructure How did we get here? On January 6, 2017, Secretary Jeh Johnson established election infrastructure as a critical infrastructure sub-sector of the existing government facilities sector. This announcement meant that: DHS had determined that systems and assets included in election infrastructure meet this definition of critical infrastructure; and DHS would establish a voluntary mechanism for coordinating with the members of this critical infrastructure community Definition of Critical Infrastructure: Systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters. State, Local, Tribal, and Territorial Governments are existing participants in critical infrastructure mechanisms The objective of establishing this sub-sector is to provide State and Local election officials and private sector election community with timely and tailored threat information and cybersecurity services Presenter s Name June 17, 2003 8

Election Infrastructure Election infrastructure represents the assets, systems, and networks most critical to the security and resilience of the election process, which includes: Storage facilities, which may be located on public or private property that may be used to store election and voting system infrastructure before Election Day Polling places (including early voting locations), which may be physically located on public or private property, and may face physical and cyber threats to their normal operations on Election Day Centralized vote tabulation locations, which are used by some State and localities to process absentee and Election Day voting materials IT infrastructure and systems used to maintain voter registration databases Voting systems and associated infrastructure, which are generally held in storage but are located at polling places during early voting and on Election Day Information technology infrastructure and systems used to manage elections, which may include systems that count, audit, and display election results on election night on behalf of state governments, as well as for postelection reporting used to certify and validate results Presenter s Name June 17, 2003 9

Benefits of Designation An Overview Prioritization of services Critical infrastructure has priority over non- CI sectors for certain government offered services and resources Liability Protections for Threat and Vulnerability Information Sharing Classified information briefings, as appropriate Voluntary coordinating councils to share information with certain Critical Infrastructure Partnership Advisory Council (CIPAC) policy protections Protected Critical Infrastructure Information: Operators of critical infrastructure can voluntarily share vulnerability information with DHS via PCII mechanism to ensure that mitigations can be applied by all while exempting that information s dissemination in Freedom of Information Act (FOIA) requests, use in civil litigation, and regulatory use Attribution/ Enforcement benefits (EO 13964) U.S. can hold foreign actors accountable for cyber attacks on critical infrastructure Presenter s Name June 17, 2003 10

SLTTCyber@hq.dhs.gov Geoffrey.Hale@hq.dhs.gov

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback