American Association of Port Authorities. Navigating the Cyber Domain. Homeland Security UNCLASSIFIED

Similar documents
PIPELINE SECURITY An Overview of TSA Programs

Statement for the Record

Critical Infrastructure Sectors and DHS ICS CERT Overview

AAPA Smart Ports. Cyber Management for Ports Panel. Small Port Cyber Security Workshops. March 6, 2018

The Office of Infrastructure Protection

Transportation Security Planning in British Columbia David Morhart, Deputy Solicitor General

Resiliency & Maritime Security Preparedness Planning

Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013

DHS Supply Chain Activity: Cross-Sector Supply Chain Working Group and Strategy on Global Supply Chain Security

Panelists. Moderator: Dr. John H. Saunders, MITRE Corporation

S&T Stakeholders Conference

The Office of Infrastructure Protection

The Beyond the Border Action Plan

Navigation and Vessel Inspection Circular (NVIC) 05-17; Guidelines for Addressing

An Overview of DHS s Role and Missions. James McCament Chief of Legislative Affairs, USCIS

Cyber Security Summit 2014 USCENTCOM Cybersecurity Cooperation

Department of Homeland Security Updates

NATIONAL DEFENSE INDUSTRIAL ASSOCIATION Homeland Security Symposium

Quadrennial Homeland Security Review (QHSR) Ensuring Resilience to Disasters

Department of Homeland Security Science and Technology Directorate

The Office of Infrastructure Protection

UNCLASSIFIED. National and Cyber Security Branch. Presentation for Gridseccon. Quebec City, October 18-21

Cyber Management for Ports Results of Small Port Cyber Security Workshops

COUNTERING IMPROVISED EXPLOSIVE DEVICES

DHS Cybersecurity: Services for State and Local Officials. February 2017

Critical Infrastructure Analysis and Protection - A Case for Secure Information Exchange. August 16, 2016

Emergency Management Response and Recovery. Mark Merritt, President September 2011

Office of Infrastructure Protection Overview

Overview of the Federal Interagency Operational Plans

STRATEGY ATIONAL. National Strategy. for Critical Infrastructure. Government

ICS-CERT Year in Review. Industrial Control Systems Cyber Emergency Response Team

FEMA Region III Cyber Security Program

Department of Homeland Security

National Infrastructure Protection Plan (NIPP) Transportation Sector Specific Plan (TSSP) and The TSSP R&D Working Group

NATIONAL STRATEGY FOR GLOBAL SUPPLY CHAIN SECURITY

Region Snapshot Regions I and II

American Association of Port Authorities Port Security Seminar & Expo Cyber Security Preparedness and Resiliency in the Marine Environment

Cybersecurity Overview

All-Hazards Approach to Water Sector Security & Preparedness ANSI-HSSP Arlington, VA November 9, 2011

The NIST Cybersecurity Framework

DHS Cybersecurity. Election Infrastructure as Critical Infrastructure. June 2017

National Policy and Guiding Principles

CYBER RISK AND SHIPS :PRACTICAL ISSUES FOLLOWING BIMCO GUIDELINE

Inter-American Port Security Cooperation Plan

The U.S. Coast Guard s Role in Cybersecurity

Supply Chain Security Since 9/11

Science & Technology Directorate: R&D Overview

The Age of Heightened Security

Cyber Security in Europe

Louisiana - State Analytical & Fusion Exchange (LA-SAFE)

Cybersecurity Presidential Policy Directive Frequently Asked Questions. kpmg.com

GPS Vulnerability and DHS Mitigation Efforts. David Wulf Acting Deputy Assistant Secretary Infrastructure Protection Department of Homeland Security

THE WHITE HOUSE. Office of the Press Secretary. EMBARGOED UNTIL DELIVERY OF THE PRESIDENT'S February 12, 2013 STATE OF THE UNION ADDRESS

Critical Infrastructure Protection (CIP) as example of a multi-stakeholder approach.

Mississippi Emergency Management Agency. Shawn Wise. Office Of Preparedness

June 5, 2018 Independence, Ohio

Critical Infrastructure Partnership

The Office of Infrastructure Protection

BUILD AND MAINTAIN SAFE COMMUNITIES WITH ARCGIS ONE PLATFORM, MANY MISSIONS

CYBER SECURITY AIR TRANSPORT IT SUMMIT

RÉPUBLIQUE D HAÏTI Liberté Egalité - Fraternité

STRATEGIC PLAN. USF Emergency Management

Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure

Emergency Support Function #2 Communications Annex INTRODUCTION. Purpose. Scope. ESF Coordinator: Support Agencies: Primary Agencies:

Emergency Support Function #12 Energy Annex. ESF Coordinator: Support Agencies:

The J100 RAMCAP Method

Port Resiliency: Advancements of the Committee on the Marine Transportation System - Resilience Integrated Action Team

The Office of Infrastructure Protection

Control Systems Cyber Security Awareness

Directive on security of network and information systems (NIS): State of Play

Critical Infrastructure Protection & Resilience Europe / Asia. Conference Discussion Reviews

cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services

NATIONAL CAPITAL REGION HOMELAND SECURITY STRATEGIC PLAN SEPTEMBER 2010 WASHINGTON, DC

Cyber Security: Threat and Prevention

Written Statement of. Timothy J. Scott Chief Security Officer The Dow Chemical Company

U.S. Department of Homeland Security Office of Cybersecurity & Communications

Overview of Customs-Trade Partnership Against Terrorism (C-TPAT)

The Office of Infrastructure Protection

April 5, Subject: DHS Multi-Agency Operation Centers Would Benefit from Taking Further Steps to Enhance Collaboration and Coordination

STRENGTHENING THE CYBERSECURITY OF FEDERAL NETWORKS AND CRITICAL INFRASTRUCTURE

The Office of Infrastructure Protection

United States Coast Guard Office of Port and Facility Compliance (CG-FAC) Cybersecurity and the Marine Transportation System.

Outreach and Partnerships for Promoting and Facilitating Private Sector Emergency Preparedness

About Issues in Building the National Strategy for Cybersecurity in Vietnam

The US National Near-Earth Object Preparedness Strategy and Action Plan

PortSec: A Port Security Risk Analysis and Resource Allocation System

HPH SCC CYBERSECURITY WORKING GROUP

Cyber Attacks & Breaches It s not if, it s When

COUNTERING IMPROVISED EXPLOSIVE DEVICES

TERRORISM LIAISON OFFICER OUTREACH PROGRAM - (TLOOP)

Cyber Threats and the. Marine Transportation. System. Homeland Security UNCLASSIFIED

Region Snapshot Region IV

Cyber Resilience. Think18. Felicity March IBM Corporation

Heavy Vehicle Cyber Security Bulletin

Executive Order on Coordinating National Resilience to Electromagnetic Pulses

The Office of Infrastructure Protection

2014 Sector-Specific Plan Guidance. Guide for Developing a Sector-Specific Plan under NIPP 2013 August 2014

Cyber Security & Homeland Security:

Introduction to the National Response Plan and National Incident Management System

Department of Homeland Security Science & Technology

Transcription:

American Association of Port Authorities Navigating the Cyber Domain Captain James Cash Deputy Director U.S. Coast Guard Cyber Command

Vision & Mission VISION A safe, secure and resilient cyber operating environment that allows for the execution of Coast Guard missions and maritime transportation interests of the United States. MISSION The CGCYBERCOM mission is to identify, protect against, enhance resiliency in the face of, and counter electromagnetic threats to the Coast Guard and maritime interests of the United States, provide cyber capabilities that foster excellence in the execution of Coast Guard operations, support DHS cyber missions, and serve as the Service Component Command to U.S. Cyber Command. Computer Network Defense Protecting MCIKR Creating a Decision Advantage for the Service

Mission Areas Living Marine Resources Law Enforcement, Marine Safety Ports, Waterways, and Coastal DHS Mission 4: Cybersecurity Marine Safety DHS Mission 1: Critical Infrastructure DHS Mission 2: Secure Borders DHS Mission 4: Cybersecurity DHS Mission 5: Resiliency Migrant Interdiction Counter Drug DHS Mission 1: Enhancing DHS Mission 2: Secure Borders DHS Mission 3: Enforcing Immigration Laws Provide a Secure Platform Secure Ports and Waterways Provide Decision Advantage

Policy Linkage

Sector-Specific Plans (SSPs) Each SSA is responsible for writing a Sector-Specific Plan Latest Transportation Systems Sector-Specific Plan issued in 2010, with modal Annexes. Maritime Annex is not subordinate to the TS SSP, but is a component of. The Transportation Systems Sector has four primary goals: (TSSSP, 2010, p. 25-26) Goal 1: Prevent and deter acts of terrorism using, or against the transportation system; Goal 2: Enhance the all-hazard preparedness and resilience of the global transportation system to safeguard U.S. national interests; Goal 3: Improve the effective us of resources for transportation security; Goal 4: Improve sector situational awareness, understanding and collaboration.

Maritime Critical Infrastructure Protection CG is the Sector-Specific Agency (SSA) for Maritime Transportation Roles and responsibilities directly linked to national policy Transportation Systems Sector Specific Plan - coordinate protection of cyber systems within Marine Transportation System & Critical Infrastructure/Key Resources CG Chairs each Port s Area Maritime Committee Port partnerships/maritime stakeholders proven trust and credibility; well established Maritime Comms Plan. Service level lead cyber involvement in key DHS initiatives Direct Support to front line operational commands (I&W, exercise support, awareness briefings, etc.)

CGCYBER NIPP/CIKR Priorities Raise awareness and understanding of maritime cyber issues with port partners Develop proactive public-private partnerships utilizing existing Captain of the Port structures Form a comprehensive cyber risk picture Cybersecurity Assessment and Risk Management Approach (CARMA) Maritime Risk Analysis Model (MSRAM) Effectively share information Cross-Sector Cyber Working Group (CSCSWG) Industrial Control Systems Joint Working Group (ICSJWG) Transportation Systems Sector Cyber Working Group (TSS CWG) Cyber Unified Coordination Group (CYBER UCG)

MTSA 2002 Public law enacted in response to the attacks of 9-11 Tasked to identify weaknesses in physical security, passenger and cargo security, structural integrity, protection systems, procedural policies, communications systems, transportation infrastructure, utilities, contingency response and other areas Primarily focused on the physical security of ports, waterways, vessels, and facilities (although there is mention of computers and other electromagnetic systems)

The New Reality Cyber is a domain. like land, air, water, and space Touch-points within all 18 Sectors Critical infrastructure and key resources (CIKR) as well as global supply chain highly dependent on cyber technologies A threat vector that can have physical/kinetic effects inside our ports and waterways You can t have good physical security without good cybersecurity. - Mark Weatherford, Deputy Undersecretary DHS NPPD

Global Risk

Success of the MTS Cyber Dependence DEVICES COMMUNICATING OVER A NETWORK WORLD WIDE

Economic Impact of the Maritime Domain 95% of all U.S. foreign trade through 361 ports $800 billion/year in freight $2 billion/day trade with Canada 7,000 oceangoing vessels made 55,560 port calls annually (Source MARAD & RITA)

Cruise Lines

Intermodal Touch-points

The Threat NATURAL DISASTERS CRIMINALS INSIDERS HACKTIVISTS NATION STATES

The Vulnerabilities INDUSTRIAL CONTROL SYSTEMS WIRELESS NETWORKS & SMARTPHONES

The Impacts Scenario: Los Angeles/Long Beach Port Cyber incident could lead to disruption or uncertainty in Port of Los Angeles/Long Beach where $520 million of cargo is handled daily. Vulnerabilities: Port Industrial Control Systems Compromised systems such as supervisory control and data acquisition (SCADA) would cause major disruption in maritime environment. 2011 Example Cyber Incident: Houston A cyber intrusion was conducted against a Houston water utility facility. Individual gained access to system diagrams and potential control of SCADA system.

On-site emergency response Cyber a Team Sport USCG/TSA/DOT Strength through partnership Unit of effort to protect the transportation sector National Cybersecurity and Communications Integration Center DHS 24X7 cyber operations center National response center for coordination federal response to a cyber incident US-CERT Coordinate cyber information sharing Vulnerability and risk assessments ICS-CERT Basic, intermediate and advanced cybersecurity and industrial control systems training

National Cyber Awareness Month October 2012 marks the ninth annual National Cyber Awareness Month sponsored by the Department of Being safer online is a shared responsibility Defeating cyber threats requires engagement from all of us from government and law enforcement to the private sector and most importantly, members of the public to create a safer cyber environment Where you can go for information: www.dhs.gov/stopthinkconnect www.dhs.gov/national-cyber-security-awareness-month

ACT Achieving Cybersecurity Together It s our Shared Responsibility.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback