The U.S. Coast Guard's Role in Cybersecurity


The U.S. Coast Guard's Role in Cybersecurity
Mr. Thomas P. Michelli
Deputy Chief Information Officer, U.S. Coast Guard

What is Cyberspace?
Domain characterized by the use of electronics and the electromagnetic spectrum to store, modify, and exchange data via network systems and associated physical infrastructures
A domain that is no different than the ones that we routinely operate in: air, land, sea and space
Cyberspace is the human created domain

CGCYBER Vision & Mission
VISION: A safe, secure and resilient cyber operating environment that allows for the execution of Coast Guard missions and maritime transportation interests of the United States.
MISSION: Coast Guard Cyber Command's mission is to identify, protect against, enhance resiliency in the face of, and counter electromagnetic threats to the Coast Guard and maritime interests of the United States, provide cyber capabilities that foster excellence in the execution of Coast Guard operations, support DHS cyber missions, and serve as the Service Component Command to U.S. Cyber Command.
Computer Network Defense
Protecting Maritime Critical Infrastructure and Key Resources
Enabling Operations Through Cyber Capability

Defend the Platform
"Cyber affects the full spectrum of Coast Guard operations. It's not an information technology niche; it cuts across every aspect of the Coast Guard." - Admiral Zukunft

Cyberspace Roles and Responsibilities
Operate in Cyberspace
Defend
Respond
Recover

CGCYBER
Designated Computer Network Defense Service Provider (CNDSP) for the Service defense of the DoDIN
Cyber Operations Center (CSOC) - 24x7x365 Watch
Service Cyber Component to USCYBERCOM - executes TASKORDs from USCYBERCOM
Intelligence fusion/indicators and warnings from NTOC

C4ITSC
Technical Authority
Configuration management for CG networks
Build, deploy and maintain security systems and sensors

Maritime Critical Infrastructure
The Coast Guard is the Sector Specific Agency (SSA) for the Maritime component of the Transportation Sector
1 of the 16 Critical Sectors
Collaboration with our partners in DHS, TSA and DOT
Protect maritime sector from all threats (physical, personnel, and cyber)

NIST Voluntary Cybersecurity Framework
Voluntary federal cybersecurity standards developed by the National Institute for Standards and Technology in cooperation with the private sector
Designed for owners and operators of CIKR; scalable to suit industry
Focuses on: Identification, Protection, Detection, Response, Recovery
Complemented by the Critical Infrastructure Cyber Community program (C-Cubed)

C-Cubed Voluntary Program
Public/private partnership aligning business enterprises and government to resources that will assist their efforts in using the NIST Voluntary Framework
Assists with understanding the use of the Framework and other risk management efforts
Link and customer relationship manager to help organizations with Framework utilization
Encourages feedback from stakeholders about their experiences with the Framework to help drive future updates
Aligns with the process and efforts outlined in the 2013 National Infrastructure Protection Plan

Enabling Operations Through Cyber Capabilities
Leverage intelligence community (IC) and law enforcement (LE) authorities to understand adversaries' intentions and capabilities in cyberspace
Capitalize on cyber and SIGINT capabilities
Drive tactical cyber intelligence to the front-line operator

Cyberspace Roles and Responsibilities
Operate in Cyberspace: Defend, Respond, Recover
COLLABORATION, COORDINATION
Maintain Cyberspace: Build, Engineer, Support

Cyber Tool: ACAS
Enterprise vulnerability & compliance scanning infrastructure. Provides capabilities to allow for credentialed scanning of all USCG assets, enterprise scan management, alerting, & reporting against vulnerability and compliance requirements.
Deployment
Fully Deployed on SIPR and NIPR. Official full transition to be completed by 31 OCT 2014
Full enterprise scans conducted every 30 days
Standalone Scanners for OOB networks and systems
Management
TISCOM: ACAS system support and engineering
IAD: User management, end user training, enterprise dashboard/report template publishing
Unclassified / FOUO 5-Nov-14

ACAS Requirement
USCYBERCOM TASKORD 13-0670 and the subsequent CGCYBER TASKORD 13-010 mandate the deployment and use of ACAS to provide situational awareness into the health of the networks and actionable intelligence to support risk management decisions.

ACAS Benefits
Actionable Information Reporting Specific Vulnerability Triggers

ACAS Architecture Goals
Single USCG reporting capability for all assets
Credentialed scanning ability for all USCG assets
Ability to scan all USCG assets within 30 days

ACAS Components
ACAS DoD Phase I Components:
Center: The central command and control console for the ACAS infrastructure. (Red Hat)
Nessus Vulnerability Scanner: vulnerability auditing/analysis, compliance auditing, and network discovery.
ACAS DoD Phase II Components:
Passive Vulnerability Scanner (PVS): real-time traffic monitoring for application, vulnerability and protocol analysis.

ACAS Architecture Overview
SBU: Two independent Center servers located at TISCOM and Alameda. 51 shore side scanners. Two Center servers in MainTest with 3 scanners.
SIPR: Two independent Center servers located at TISCOM. 105 shore side scanners.

USCG's ACAS Objectives
Spiral I Objectives:
Deploy Center and Nessus with the same scanning coverage for SBU and SIPR as the previous IAD-VAT enterprise managed scanning infrastructure.
99% SBU Coverage, solution accepted by IAD on 15SEPT14
100% SIPR Coverage, solution accepted by IAD on 31OCT14
Provide recommendations for non-enterprise scanning solutions.
USCG Offline scanning guide posted on ACAS CGPortal site.
Spiral II Objectives:
Optimize Architecture for central reporting, efficiencies, and cost savings.

ACAS Current Initiatives
OSC LAN Coverage: Deploy scanners that are centrally managed to all OSC LAN segments.
DMZ Coverage: Deploy scanners that are centrally managed with automated reporting to USCG Center.

ACAS Swimlane Overview
TISCOM Information Assurance EISI PL Infrastructure Design Product Testing Root Infrastructure Administration ACAS License Key Maintenance ESOD (in support of EISI) Tentative Phase II Transition Infrastructure Health Monitoring Product Deployment Monthly Maintenance IAD VAT Monthly Scanning Scan Processes End User Account Management Initial Asset List Development IAD C&A ISSOs Cyber ITCCB

Questions?
ACT: Achieving Cybersecurity Together
It's our Shared Responsibility.

Backup Slides

ACAS Timeline
Center 4.8.2 Architecture Deployment Optimization MAR15 DEC14 SIPR Testing SBU Testing AUG14 01OCT14 Passive Vulnerability Sensor USCYBERCOM SAR 2012-0404 04APR12 SBU Center Deployment SEPT12 USCYBERCOM TASKORD 12-0603 24MAY12 USCYBERCOM TASKORD 13-0670 01AUG13 SBU Nessus Deployment (CONUS) JUL13 CGCYBER TASKORD 13-010 18SEPT13 SPIRAL I SBU OCONUS NESSUS Deployment OCT13 SIPR Center Deployment SEPT13 Retina EOL 31OCT14 Center 4.8 SIPR NESSUS Deployment NOV14 Deployment SEPT14 SPIRAL II Center 5.0 Deployment DEC15 SPIRAL III

For Official Use Only
DISA ACAS Roadmap FY14-15
Overall Indicator

Center v4.8: ACAS Deployment: 24 Sept 2014 (Build 1)
New enhanced user/group/role model
New HTML5 based analysis
Prompting for Assets in Dashboard/Report templates
Enhanced Asset Lists
Unique ID capability

Center v4.8.2: ACAS Deployment: 26 March 2015
ACAS ARF/ASR Publishing Updates for CMRS
Updated ARF reports to include version of the plugin, name of the scan policy, timestamp for credentialed scans, BIOS GUID and McAfee Agent GUID.
Updated Plugin text to include Scan Policy, Benchmark Names, Unsupported Products, and whether scans were authenticated or unauthenticated.

Center v5.0: ACAS Deployment: 1 Dec 2015
Fully completed HTML5 user interface
Support for greater than 4GB repository sizes (now allows for 32GB repositories)
Vulnerability Trending backend improvements (reducing storage requirements)
Center API rewritten to a RESTful one
Additional integration with other ACAS products (Nessus & PVS)
Updates to ARF/ASR reports and plugin text to meet CMRS requirements

Nessus v6.0: ACAS Deployment: 15 Jan 2015
The ability to restore a scan (after an unexpected crash/shutdown/etc.)
Automatic update of the scanners
Use Windows events for all I/O

PVS v4.2: ACAS Deployment: 20 Jan 2015
Increased throughput of 10GB

PVS v4.4: ACAS Deployment: 12 Jun 2015
Automatic update of the PVS engine

This document is informational only. Tenable reserves the right to change the schedule or list of features without prior notice.
Version 1