Cyber Security & Homeland Security:

Similar documents
Homeland Security Perspectives: Oregon Fire District Directors Association October 25, 2018

Federal Civilian Executive branch State, Local, Tribal, Territorial government (SLTT) Private Sector (PS) Unclassified / Business Networks

Dr. Emadeldin Helmy Cyber Risk & Resilience Bus. Continuity Exec. Director, NTRA. The African Internet Governance Forum - AfIGF Dec 2017, Egypt

Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013

The Office of Infrastructure Protection

Homeland Security and Cyber Infrastructure Resilience

DHS Cybersecurity Services and Resources

June 5, 2018 Independence, Ohio

DHS Cybersecurity: Services for State and Local Officials. February 2017

Panelists. Moderator: Dr. John H. Saunders, MITRE Corporation

U.S. Department of Homeland Security Office of Cybersecurity & Communications

Evaluating and Improving Cybersecurity Capabilities of the Electricity Critical Infrastructure

The Office of Infrastructure Protection

DHS Election Task Force Updates. Geoff Hale, Elections Task Force

Updates to the NIST Cybersecurity Framework

Election Infrastructure Security: The How and Why of It

The Office of Infrastructure Protection

Cybersecurity Presidential Policy Directive Frequently Asked Questions. kpmg.com

Statement for the Record

The Office of Infrastructure Protection

Implementing Executive Order and Presidential Policy Directive 21

Implementing the Administration's Critical Infrastructure and Cybersecurity Policy

The Office of Infrastructure Protection

ICS-CERT Year in Review. Industrial Control Systems Cyber Emergency Response Team

CYBERSECURITY FOR STARTUPS AND SMALL BUSINESSES OVERVIEW OF CYBERSECURITY FRAMEWORKS

2014 Sector-Specific Plan Guidance. Guide for Developing a Sector-Specific Plan under NIPP 2013 August 2014

Testimony. Christopher Krebs Director Cybersecurity and Infrastructure Security Agency U.S. Department of Homeland Security FOR A HEARING ON

Cyber Resilience. Think18. Felicity March IBM Corporation

2016 Nationwide Cyber Security Review: Summary Report. Nationwide Cyber Security Review: Summary Report

National Preparedness System (NPS) Kathleen Fox, Acting Assistant Administrator National Preparedness Directorate, FEMA April 27, 2015

Overview of the Federal Interagency Operational Plans

Bonnie A. Goins Adjunct Industry Professor Illinois Institute of Technology

Water Information Sharing and Analysis Center

Emergency Support Function #2 Communications Annex INTRODUCTION. Purpose. Scope. ESF Coordinator: Support Agencies: Primary Agencies:

DHS Cybersecurity. Election Infrastructure as Critical Infrastructure. June 2017

NCSF Foundation Certification

Critical Infrastructure Sectors and DHS ICS CERT Overview

Cyber Hygiene: A Baseline Set of Practices

Critical Infrastructure Partnership

Region Snapshot Regions I and II

Information Collection Request: The Department of Homeland. Security, Stakeholder Engagement and Cyber Infrastructure

National Preparedness System. Update for EMForum June 11, 2014

Framework for Improving Critical Infrastructure Cybersecurity

Good morning, Chairman Harman, Ranking Member Reichert, and Members of

FEMA Region III Cyber Security Program

Framework for Improving Critical Infrastructure Cybersecurity. and Risk Approach

CYBER SECURITY FOR WATER AND WASTEWATER UTILITIES PRESENTED BY: DAVID A. CHANDA, PE

Long-Term Power Outage Response and Recovery Tabletop Exercise

South Dakota Utah Wyoming Needs and Challenges Funding assistance Training Federal program enhancements Exercises

Regional Resilience: Prerequisite for Defense Industry Base Resilience

Executive Order on Coordinating National Resilience to Electromagnetic Pulses

Member of the County or municipal emergency management organization

NATIONAL DEFENSE INDUSTRIAL ASSOCIATION Homeland Security Symposium

The Office of Infrastructure Protection

Houston Urban Area Security Initiative (UASI) Cybersecurity Mini-Assessment Workshop

PIPELINE SECURITY An Overview of TSA Programs

NW NATURAL CYBER SECURITY 2016.JUNE.16

National Policy and Guiding Principles

S&T Stakeholders Conference

CYBERSECURITY. Protecting Against the Financial, Regulatory and Reputational Impacts of Cyber Attack

STRATEGY ATIONAL. National Strategy. for Critical Infrastructure. Government

Industry role moving forward

Department of Homeland Security Updates

Why you should adopt the NIST Cybersecurity Framework

Managing IT & Election Systems. U.S. Election Assistance Commission 1

NATIONAL ELECTRIC GRID SECURITY AND RESILIENCE ACTION PLAN

Office of Infrastructure Protection Overview

The NIST Cybersecurity Framework

THE WHITE HOUSE. Office of the Press Secretary. EMBARGOED UNTIL DELIVERY OF THE PRESIDENT'S February 12, 2013 STATE OF THE UNION ADDRESS

Advanced Cyber Risk Management Threat Modeling & Cyber Wargaming April 23, 2018

Cyber Security Summit 2014 USCENTCOM Cybersecurity Cooperation

Monthly Cyber Threat Briefing

Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure

MULTI-YEAR TRAINING AND EXERCISE PLAN. Boone County Office of Emergency Management

Energy Assurance State Examples and Regional Markets Jeffrey R. Pillon, Director of Energy Assurance National Association of State Energy Officials

UNCLASSIFIED. National and Cyber Security Branch. Presentation for Gridseccon. Quebec City, October 18-21

Food and Agriculture Sector Criticality Assessment

Critical Infrastructure Mission Implementation by State, Local, Tribal, and Territorial Agencies and Public-Private Partnerships.

FEMA Update. Tim Greten Technological Hazards Division Deputy Director. NREP April 2017

Software & Supply Chain Assurance: Enabling Enterprise Resilience through Security Automation, Software Assurance and Supply Chain Risk Management

Homeland Security Perspectives: Cyber Security Resources for Small and Medium- Sized Businesses November 03, 2017

STRATEGIC PLAN VERSION 1.0 JANUARY 31, 2015

American Association of Port Authorities Port Security Seminar & Expo Cyber Security Preparedness and Resiliency in the Marine Environment

United States Coast Guard Office of Port and Facility Compliance (CG-FAC) Cybersecurity and the Marine Transportation System.

Bradford J. Willke. 19 September 2007

Medical Device Cybersecurity: FDA Perspective

Greg Garcia President, Garcia Cyber Partners Former Assistant Secretary for Cyber Security and Communications, U.S. Department of Homeland Security

New Information Collection Request: The Department of. Homeland Security, Office of Cybersecurity and

Welcome to the CyberSecure My Business Webinar Series We will begin promptly at 2pm EDT All speakers will be muted until that time

Understanding Holistic Effects of Cyber Events on Critical Infrastructure

Critical Infrastructure Protection and Suspicious Activity Reporting. Texas Department of Public Safety Intelligence & Counterterrorism Division

The National Network of Fusion Center: Where We Have Been and Where We are Going

DHS Supply Chain Activity: Cross-Sector Supply Chain Working Group and Strategy on Global Supply Chain Security

Department of Homeland Security Science and Technology Directorate

Executive Order & Presidential Policy Directive 21. Ed Goff, Duke Energy Melanie Seader, EEI

Information Security Continuous Monitoring (ISCM) Program Evaluation

Cybersecurity Overview

Boston Chapter AGA 2018 Regional Professional Development Conference Cyber Security MAY 2018

GPS Vulnerability and DHS Mitigation Efforts. David Wulf Acting Deputy Assistant Secretary Infrastructure Protection Department of Homeland Security

Business Continuity Planning

Transcription:

Cyber Security & Homeland Security: Cyber Security for CIKR and SLTT Michael Leking 19 March 2014 Cyber Security Advisor Northeast Region Office of Cybersecurity and Communications (CS&C) U.S. Department of Homeland Security (DHS)

Office of Cybersecurity and Communications MISSION: To enhance the security, resilience, and reliability of the Nation s cyber and communications infrastructure. Capabilities: CS&C works collaboratively with public, private, and international entities to secure, assess, and mitigate cyber risk; and prepare for, prevent, and respond to cyber incidents. CS&C leads efforts to protect the federal.gov domain of civilian government networks and to collaborate with the private sector the.com domain to increase the security of critical networks. Build and maintain a world-class organization to advance the Nation s cybersecurity preparedness and raise awareness across the Nation on cybersecurity Sector-Specific Agency for the Communications and Information Technology (IT) sectors, CS&C coordinates national-level reporting that is consistent with the National Response Framework (NRF). Presenter s Name June 17, 2003 2

Cyber Security Advisor Initiative Roles and Responsibilities Assist in the identification of cyber systems, networks, and infrastructure supporting CIKR assets and be knowledgeable of corresponding interdependencies in their region Coordinate and lead cyber security evaluations of critical infrastructure within the region represented Raise awareness of CS&C activities Function as the National Cyber Security Division representative to State and local emergency operations centers (EOCs) and State and local fusion centers Establish working relationship and rapport with State and local area CISOs in the region represented Coordinate with Federal personnel within region to integrate cyber security response and assessment perspectives (i.e., with PSAs, FEMA, Federal LE, etc) Coordinate cyber and communications incident response Presenter s Name June 17, 2003 3 3

The Cybersecurity Framework In February 2013 the President issues Executive Order 13636: Improving Critical Infrastructure Cybersecurity One component of that Executive Order directed the National Institute of Standards and Technology (NIST) to work with stakeholders to develop a voluntary framework based on existing standards, guidelines, and practices - for reducing cyber risks to critical infrastructure The resulting Cybersecurity Framework (CSF), created through collaboration between industry and government, consists of standards, guidelines, and practices to promote the protection of critical infrastructure The prioritized, flexible, repeatable, and cost-effective approach of the Framework helps owners and operators of critical infrastructure to manage cybersecurity-related risk Additional information on the NIST Cybersecurity Framework can be found on the official webpage at http://www.nist.gov/cyberframework/ 4

Critical Infrastructure Cyber Community (C 3 ) Website: http:// www.us-cert.gov/ccubedvp General C3 inquiries: ccubedvp@ hq.dhs.gov DHS launched the C 3 Program in February, 2014 to complement the launch of the NIST CSF The C³ Voluntary Program helps sectors and organizations that want to use the CSF by connecting them to existing cyber risk management capabilities provided by DHS, other U.S. Government organizations, and the private sector. The C3 website (http://www.uscert.gov/ccubedvp) describes the various programs DHS offers to critical infrastructure partners, including Federal, State, local, and private sector organizations Many of the programs described on the following slides can also be found on the website 5

Cyber Resilience and the Framework Relationship between DHS Cyber Resilience Review and the Cybersecurity Framework. Identify Services Create Asset Inventory Protect & Sustain Assets Disruption Management Cyber Exercise Identify and prioritize services Identify assets, align assets to services, and inventory assets Establish risk management, resilience requirements, control objectives, and controls Establish continuity requirements for assets and develop service continuity plans Define objectives for cyber exercise, perform exercises, and evaluate results Homeland Security Process Management and Improvement * CRR to NIST CSF crosswalk available Office of Cybersecurity and Communications 6 6

A Wide Range of Offerings for Critical Infrastructure Technical Assistance National Cybersecurity and Communications Integration Center (NCCIC) US-CERT Operations Center o Remote and On-Site Assistance o Malware Analysis o Incident Response Teams ICS-CERT Operations Center o ICS-CERT Malware Lab o Cyber Security Evaluation Tool o Incident Response Teams NCATS o Cyber Hygiene service o Risk and Vulnerability Assessment Resilience and Strategy US-CERT National Cyber Awareness System Vulnerability Notes Database Security Publications Control Systems Security Program Cybersecurity Training Information Products and Recommended Practices Cyber Exercise Program Cyber Security Evaluations Program Cyber Resilience Review Cyber Infrastructure Survey Tool 7

DHS Cyber Security Evaluations: Cyber Resilience Review (CRR) Cyber Security Evaluation Tool (CSET) Cyber Infrastructure Survey Tool (C-IST) Cyber Hygiene (CH) Evaluations Pen Test (aka RVA) ICS Architecture Review Cybersecurity Framework Presenter s Name June 17, 2003 8 8

Cyber Resilience Review (CRR) Based on the CERT Resilience Management Model (RMM), a process improvement model for managing operational resilience Development of CRR methodology began in early 2009 Deployment across all 18 CIKR sectors as well as State, local, tribal, and territorial governments Primary goal: Evaluate how CIKR providers manage cyber security of significant information services and assets (information, technology, facilities, and personnel) Secondary goal: Identify opportunities for improvement in cyber security management and reduce operational risks related to cyber security Presenter s Name June 17, 2003 9

CRR Architecture Overview Focused Activity 10 Domains Required (What to do to achieve the capability) Domain Goals MIL Levels [per Domain] Expected (How to accomplish the goal) Domain Practice Questions MIL Questions [per Domain] Process Institutionalization Elements 10

CRR Domains AM Asset Management identify, document, and manage assets during their life cycle IM Incident Management identify and analyze IT events, detect cyber security incidents, and determine an organizational response CCM Configuration and Change Management ensure the integrity of IT systems and networks SCM Service Continuity Management ensure the continuity of essential IT operations if a disruption occurs RISK Risk Management identify, analyze, and mitigate risks to critical service and IT assets EXD External Dependencies Management establish processes to manage an appropriate level of IT, security, contractual, and organizational controls that are dependent on the actions of external entities CNTL Controls Management identify, analyze, and manage IT and security controls TRNG Training and Awareness promote awareness and develop skills and knowledge of people VM Vulnerability Management identify, analyze, and manage vulnerabilities SA Situational Awareness actively discover and analyze information related to immediate operational stability and security 11

Benefits of the CRR Identification of cyber security risks and improved organization-wide awareness of the need for effective cyber security management Understanding how similar organizations manage cyber security around a common critical infrastructure service DHS will provide organizations with a CRR Report that includes : Documented strengths and weaknesses in cyber security management Options for consideration to improve cyber security in support of critical infrastructure operations Establish/strengthen collaborative relationships with DHS Increased awareness of DHS programs related to cyber security: Control Systems security Cyber exercises Training/education resources Presenter s Name June 17, 2003 12

CRR Report Presenter s Name June 17, 2003 13

DHS CRR Analytical Findings 14

Cyber Resilience Workshops DHS facilitated four or eight-hour workshop introduces cyber security managers and practitioners to cyber resilience concepts and to capability and capability building activities in key performance areas related to cyber security, IT operations, and business continuity. These collaborative and interactive workshops: Raise awareness to gaps in cyber management practices and to process improvements for CIKR and SLTT communities. Reinforce cyber security best practices and examine resilience concepts and objectives. Share information with communities-of- interest related to national cyber security policies, initiatives, and federal capabilities. Enhance cyber incident response and business continuity capabilities and discuss federal coordination for incident notification, containment, and recovery. What to Expect: A four or eight-hour, collaborative workshop, with interactive discussions between operations and cyber security personnel. Structured dialogs and scenario walkthroughs to reinforce resilience concepts and best practices. Sector/industry-specific content and threat examples. Presenter s Name June 17, 2003 15

Cyber Security Evaluation Tool (CSET ) TM Stand-alone software application Self-assessment using recognized standards Tool for integrating cybersecurity into existing corporate risk management strategy CSET Download: us-cert.gov/control_systems/csetdownload.html 16

Help and Guidance Video Tutorial Users Guide Screen Specific Guidance Topic/ Question Help 17

Hard-copy Reports 18

Contact Information Michael Leking (michael.leking@dhs.gov) Cyber Security Advisor - Northeast Region Office of Cybersecurity and Communications Department of Homeland Security Presenter s Name June 17, 2003 19

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback