The Office of Infrastructure Protection

Similar documents
The Office of Infrastructure Protection

Office of Infrastructure Protection Overview

The Office of Infrastructure Protection

The Office of Infrastructure Protection

DHS Cybersecurity: Services for State and Local Officials. February 2017

June 5, 2018 Independence, Ohio

The Office of Infrastructure Protection

The Office of Infrastructure Protection

Cybersecurity Presidential Policy Directive Frequently Asked Questions. kpmg.com

DHS Cybersecurity. Election Infrastructure as Critical Infrastructure. June 2017

The Office of Infrastructure Protection

Election Infrastructure Security: The How and Why of It

COUNTERING IMPROVISED EXPLOSIVE DEVICES

THE WHITE HOUSE. Office of the Press Secretary. EMBARGOED UNTIL DELIVERY OF THE PRESIDENT'S February 12, 2013 STATE OF THE UNION ADDRESS

Critical Infrastructure Sectors and DHS ICS CERT Overview

Cyber Security & Homeland Security:

Testimony. Christopher Krebs Director Cybersecurity and Infrastructure Security Agency U.S. Department of Homeland Security FOR A HEARING ON

Department of Homeland Security Updates

NATIONAL DEFENSE INDUSTRIAL ASSOCIATION Homeland Security Symposium

PD 7: Homeland Security Presidential Directive 7: Critical Infrastructure Identification, Prioritization, and Protection

Why you should adopt the NIST Cybersecurity Framework

National Policy and Guiding Principles

Region Snapshot Regions I and II

Critical Infrastructure Protection and Suspicious Activity Reporting. Texas Department of Public Safety Intelligence & Counterterrorism Division

South Dakota Utah Wyoming Needs and Challenges Funding assistance Training Federal program enhancements Exercises

ISAO SO Product Outline

Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013

ICS-CERT Year in Review. Industrial Control Systems Cyber Emergency Response Team

Statement for the Record

U.S. Department of Homeland Security Office of Cybersecurity & Communications

The National Network of Fusion Center: Where We Have Been and Where We are Going

Critical Infrastructure Resilience

FEMA Region III Cyber Security Program

Region Snapshot Region IV

Cybersecurity Overview

COUNTERING IMPROVISED EXPLOSIVE DEVICES

National Preparedness System (NPS) Kathleen Fox, Acting Assistant Administrator National Preparedness Directorate, FEMA April 27, 2015

PIPELINE SECURITY An Overview of TSA Programs

California Cybersecurity Integration Center (Cal-CSIC)

The Office of Infrastructure Protection

DHS Supply Chain Activity: Cross-Sector Supply Chain Working Group and Strategy on Global Supply Chain Security

NATIONAL CAPITAL REGION HOMELAND SECURITY STRATEGIC PLAN SEPTEMBER 2010 WASHINGTON, DC

2016 Nationwide Cyber Security Review: Summary Report. Nationwide Cyber Security Review: Summary Report

Louisiana - State Analytical & Fusion Exchange (LA-SAFE)

American Association of Port Authorities. Navigating the Cyber Domain. Homeland Security UNCLASSIFIED

Critical Infrastructure

Control Systems Cyber Security Awareness

TERRORISM LIAISON OFFICER OUTREACH PROGRAM - (TLOOP)

Emergency Support Function #2 Communications Annex INTRODUCTION. Purpose. Scope. ESF Coordinator: Support Agencies: Primary Agencies:

DHS Emergency Services Sector Presents Tools and Resources for First Responders. June 1, pm ET

Greg Garcia President, Garcia Cyber Partners Former Assistant Secretary for Cyber Security and Communications, U.S. Department of Homeland Security

Federal Civilian Executive branch State, Local, Tribal, Territorial government (SLTT) Private Sector (PS) Unclassified / Business Networks

UNCLASSIFIED. National and Cyber Security Branch. Presentation for Gridseccon. Quebec City, October 18-21

Nationwide Suspicious Activity Reporting. Crime Stoppers USA Training Conference New Orleans September 2018

Today s cyber threat landscape is evolving at a rate that is extremely aggressive,

Implementing the Administration's Critical Infrastructure and Cybersecurity Policy

STANDARD OPERATING PROCEDURE Critical Infrastructure Credentialing/Access Program Hurricane Season

Overview of the Federal Interagency Operational Plans

STRATEGY ATIONAL. National Strategy. for Critical Infrastructure. Government

Introduction to the National Response Plan and National Incident Management System

Mississippi Emergency Management Agency. Shawn Wise. Office Of Preparedness

Oregon Department of Justice

The Office of Infrastructure Protection. Background. Purpose 6/13/2016. National Protection and Programs Directorate Department of Homeland Security

Sharing of Information & Intelligence on the Importation & Transportation of Food

2014 Sector-Specific Plan Guidance. Guide for Developing a Sector-Specific Plan under NIPP 2013 August 2014

Florida Regional Domestic Security Task Forces

Medical Device Cybersecurity: FDA Perspective

Implementing Executive Order and Presidential Policy Directive 21

Working Draft Supplemental Tool: Connecting to the NICC and NCCIC Draft October 21, 2013

The Role of ISACs in Protecting Critical Infrastructure. Denise Anderson Chair National Council of ISACs. Agenda

Water Information Sharing and Analysis Center

Critical Infrastructure Mission Implementation by State, Local, Tribal, and Territorial Agencies and Public-Private Partnerships.

Federal Information Sharing Resources for Small and Midsize Businesses

Good morning, Chairman Harman, Ranking Member Reichert, and Members of

NGA Governor s Energy Advisors Energy Policy Institute Resiliency Panel

The Office of Infrastructure Protection

Emergency Support Function #12 Energy Annex. ESF Coordinator: Support Agencies:

NATIONAL INFORMATION SHARING STRATEGY

Updates to the NIST Cybersecurity Framework

2 nd Cybersecurity Workshop Test and Evaluation to Meet the Advanced Persistent Threat

The Role of the ISACs in Critical Infrastructure Resilience Presented by Steve Lines Executive Director Defense Industrial Base Information Sharing

Executive Order on Coordinating National Resilience to Electromagnetic Pulses

NSI. Suspicious Activity Reporting Line Officer Training

STRENGTHENING THE CYBERSECURITY OF FEDERAL NETWORKS AND CRITICAL INFRASTRUCTURE

Needs and Challenges Funding assistance Training Partnership capabilities and sustainment. Implement Risk Management

Panelists. Moderator: Dr. John H. Saunders, MITRE Corporation

Heavy Vehicle Cyber Security Bulletin

Applying Mitigation. to Build Resilient Communities

Panel 1 National CSIRT Experience

DHS Cybersecurity Services and Resources

TSA/FTA Security and Emergency Management Action Items for Transit Agencies

Monthly Cyber Threat Briefing

Homeland Security Perspectives: Oregon Fire District Directors Association October 25, 2018

Securing Industrial Control Systems

April 2009 Unclassified // For Official Use Only

NATIONAL ELECTRIC GRID SECURITY AND RESILIENCE ACTION PLAN

Mitigation Framework Leadership Group (MitFLG) Charter DRAFT

GPS Vulnerability and DHS Mitigation Efforts. David Wulf Acting Deputy Assistant Secretary Infrastructure Protection Department of Homeland Security

UNCLASSIFIED. September 24, In October 2007 the President issued his National Strategy for Information Sharing. This

CYBERSECURITY FOR STARTUPS AND SMALL BUSINESSES OVERVIEW OF CYBERSECURITY FRAMEWORKS

Transcription:

The Office of Infrastructure Protection National Protection and Programs Directorate Department of Homeland Security Protective Security Coordination Division Overview ND Safety Council Annual Conference 23 Feb 2018

Role of DHS Unify a national effort to secure America Prevent and deter terrorist attacks Protect against and respond to threats and hazards to the Nation Respond to and recover from acts of terrorism, natural disaster, or other emergencies Coordinate the protection of our Nation s critical infrastructure across all sectors 2

Critical Infrastructure Sectors Chemical Commercial Facilities Communications Critical Manufacturing Dams Defense Industrial Base Emergency Services Energy Financial Services Food and Agriculture Government Facilities Healthcare and Public Health Information Technology Nuclear Reactors, Materials, and Waste Transportation Systems Water and Wastewater Systems Courtesy of DHS 3

DHS Infrastructure Protection Protective Security Coordination Division Conduct Security Surveys, Gap Analysis, and Assessments Conduct Outreach Activities Support National Special Security Events (NSSEs) and Special Event Activity Rating (SEAR) Events Respond to Incidents Provide free, on and offsite training concerning all hazards such as Improvised Explosive Devices (IEDs), Active Shooters, flooding, winter storms, summer storms, toxic inhalation hazards and more 4

Protective Security Advisors PSAs are field-deployed personnel who serve as critical infrastructure security specialists State, local, tribal, and territorial (SLTT) and private sector link to DHS infrastructure protection resources Coordinate vulnerability assessments, training, and other DHS products and services Provide a vital link for information sharing in steady state and incident response Assist facility owners and operators with obtaining security clearances During contingency events, PSAs support the response, recovery, and reconstitution efforts of the States by serving as pre-designated Infrastructure Liaisons (IL) and Deputy ILs at the Joint Field Offices 5

Protective Security Advisor Locations Courtesy of DHS 6

Protected Critical Infrastructure Information Established under the Critical Infrastructure Information Act of 2002 Protects voluntarily submitted critical infrastructure information from: Freedom of Information Act State and local sunshine laws Civil litigation proceedings Regulatory usage Provides private sector with legal protections and peace of mind. Courtesy of DHS 7

Examples of Critical Infrastructure Information Protected information defined by the Critical Infrastructure Information Act includes: Threats Actual, potential, or threatened interference with, attack on, compromise of, or incapacitation of a critical asset Vulnerabilities Ability to resist threats, including assessments or estimates of vulnerability Operational experience Any past operational problem or planned or past solution including repair, recovery, or extent of incapacitation Any information normally available in the public domain will not be protected 8

Infrastructure Survey Tool The IST is a web-based vulnerability survey tool that applies weighted scores to identify infrastructure vulnerabilities and trends across sectors Facilitates the consistent collection of security information Physical Security Security Force Security Management Information Sharing Protective Measures Dependencies 9

IST Survey Data Categories Facility Information Contacts Facility Overview Information Sharing* Protective Measures Assessment* Criticality* Security Management Profile* Security Areas/Assets Additional DHS Products/Services Criticality Appendix Images Security Force* Physical Security* Building Envelope Delivery/Vehicle Access Control Parking Site s Security Force Intrusion Detection System (IDS)/Close Circuit Television (CCTV) Access Control Security Lighting Cyber Vulnerability Dependencies* * Comparative analysis provided 10

Infrastructure Visualization Platform Infrastructure Visualization Platform (IVP) A data collection and presentation medium that supports critical infrastructure security, special event planning, and response operations by leveraging assessment data and other relevant materials Integrates assessment data with immersive video, geospatial, and hypermedia data Assists facility owners and operators, local law enforcement, and emergency response personnel to prepare for, respond to, and manage critical infrastructure, National Special Security Events (NSSEs), high-level special events, and contingency operations 11

IP Gateway https://ipgateway.dhs.gov/ The IP Gateway is a single interface through which DHS mission partners can access a large range of integrated IP systems and capabilities to conduct comprehensive data collection and analysis It enables SLTT and Federal partners to manage information about the infrastructure in their communities for risk management, infrastructure protection, event planning, and incident response activities 12

InfraGard https://www.infragard.org InfraGard is an information-sharing and analysis effort serving the interests of and combining the knowledge base of a wide range of members At its most basic level, InfraGard is a partnership between the Federal Bureau of Investigation (FBI) and the private sector InfraGard is an association of businesses, academic institutions, State and local law enforcement agencies, and other participants dedicated to sharing information and intelligence to prevent hostile acts against the United States 13

Homeland Security Information Network (HSIN) https://hsin.dhs.gov/ HSIN is DHS s primary technology tool for trusted information sharing HSIN Critical Infrastructure (HSIN-CI) enables direct communication between: DHS Federal, State, and local governments Critical infrastructure owners and operators 14

Cyber Support for Critical Infrastructure National Cybersecurity and Communications Integration Center (NCCIC) United States Computer Emergency Readiness Team (US-CERT) Operations Center Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Operations Center National Cybersecurity Assessment & Technical Services (NCATS) US-CERT Control Systems Security Program Cyber Exercise Program Cyber Security Evaluations Program Cyber Security Advisors Protective Security Advisors 15

Critical Infrastructure Cyber Community www.us-cert.gov/ccubedvp DHS launched the C 3 Program in February 2014 to complement the launch of the National Institute of Standards and Technology Cybersecurity Framework (NIST CSF) The C 3 Voluntary Program helps sectors and organizations that want to use the CSF by connecting them to existing cyber risk management capabilities provided by DHS, other U.S. Government organizations, and the private sector The C 3 website describes the various programs DHS offers to critical infrastructure partners, including Federal, SLTT, and private sector organizations 16

Cyber Incident Reporting NCCIC provides real-time threat analysis and incident reporting capabilities 24x7 contact number: 1-888-282-0870 https://forms.us-cert.gov/report/ When to report: If there is a suspected or confirmed cyber attack or incident that: Affects core government or critical infrastructure functions Results in the loss of data, system availability, or control of systems Indicates malicious software is present on critical systems 17

Information Sharing Analysis Centers: ISACs collaborate with each other via the National Council of ISACs. Formed in 2003, the NCI today comprises 24 organizations. It is a coordinating body designed to maximize information flow across the private sector critical infrastructures and with government. Communications ISAC Electric Sector ISAC Emergency Management and Response ISAC Financial Services ISAC National Health ISAC Highway / Surface Transportation ISAC Information Technology ISAC Maritime ISAC Multi-State ISAC Public Transit ISAC Real Estate ISAC Research and Education ISAC Supply Chain ISAC Water ISAC 19

Active Shooter Protocols QUICKLY DETERMINE THE MOST REASONABLE WAY TO PROTECT YOUR OWN LIFE. CUSTOMERS AND CLIENTS ARE LIKELY TO FOLLOW THE LEAD OF EMPLOYEES AND MANAGERS DURING AN ACTIVE SHOOTER SITUATION. RUN, HIDE, FIGHT 20

Run, Hide, Fight Evacuate (run) Have an escape route and plan in mind Leave your belongings behind Keep your hands visible Hide Hide in an area out of the active shooter s view. Block entry to your hiding place and lock the doors Fight As a last resort and only when your life is in imminent danger. Attempt to incapacitate the active shooter Act with physical aggression and throw items at the active shooter 21

Fusion Centers: Fusion centers provide multidisciplinary expertise and situational awareness to inform decision making at all levels of government. They conduct analysis and facilitate information sharing while assisting law enforcement and homeland security partners in preventing, protecting against, and responding to crime and terrorism. Ref: https://www.dhs.gov/state-and-major-urban-areafusion-centers 22

ND Fusion Center ND State and Local Intelligence Center or ND SLIC: Mission: To gather, store, analyze and disseminate information on hazards (nature/man-made), crimes (real and suspected), to the law enforcement community, government officials and private industry for the purposes of decision making, public safety and proactive law enforcement while ensuring the rights and privacy of citizens. 23

How Can You Help? Engage with PSAs and other partners on critical infrastructure protection programs and initiatives Encourage participation in efforts to identify, assess, and secure critical infrastructure in your community Communicate local concerns related to critical infrastructure protection Enhanced security and resilience depends on developing and strengthening partnerships between all entities with a role in critical infrastructure protection 24

Summary Provide partners with effective vulnerability and gap analyses, bombing prevention capability analyses, and the development of protective measures to identify emerging needs and areas for investment Through data collection, assessment, and analysis, DHS can generate products for Federal, State, and local officials and private sector owners and operators that drive initiatives, such as infrastructure protection grant programs and research and development requirements 25

Resources Protective Security Advisors proactively engage with government partners and the private sector to protect critical infrastructure. For more information or to contact your local PSA, e-mail NICC@hq.dhs.gov. The Ready Campaign provides help with planning for businesses at http://www.ready.gov/business. DHS Active Shooter resources are available at http://www.dhs.gov/active-shooter-preparedness. If You See Something, Say Something http://www.dhs.gov/see-something-say-something. Nationwide Suspicious Activity Reporting (SAR) Initiative (NSI) information is available at https://nsi.ncirc.gov/. SAR training for private sector partners is located at https://nsi.ncirc.gov/hsptregistration/private_sector/. Counter-Improvised Explosive Device information and resources are available at www.dhs.gov/tripwire. InfraGard is a public-private partnership between the FBI and the private sector that represents individuals from businesses, academic institutions, State and local law enforcement, fire and EMS agencies, as well as other participants dedicated to sharing information, education, and intelligence. Please go to www.infragardmembers.org and https://www.infragard.org. Information on DHS cybersecurity programs is available at www.dhs.gov/cyber. To find out more about the Cybersecurity Awareness Campaign, go to http://www.dhs.gov/stopthinkconnect. For tips from the U.S. Computer Emergency Response Team, go to https://www.us-cert.gov/ncas/tips.

For more information, visit: www.dhs.gov/critical-infrastructure Don Ronsberg Protective Security Advisor, North Dakota Donald.ronsberg@hq.dhs.gov

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback