DHS Election Task Force Updates. Geoff Hale, Elections Task Force

Similar documents
Testimony. Christopher Krebs Director Cybersecurity and Infrastructure Security Agency U.S. Department of Homeland Security FOR A HEARING ON

Managing IT & Election Systems. U.S. Election Assistance Commission 1

Election Infrastructure Security: The How and Why of It

DHS Cybersecurity: Services for State and Local Officials. February 2017

Cyber Security & Homeland Security:

DHS Cybersecurity. Election Infrastructure as Critical Infrastructure. June 2017

Implementing the Administration's Critical Infrastructure and Cybersecurity Policy

Federal Civilian Executive branch State, Local, Tribal, Territorial government (SLTT) Private Sector (PS) Unclassified / Business Networks

Critical Infrastructure Mission Implementation by State, Local, Tribal, and Territorial Agencies and Public-Private Partnerships.

DHS Cybersecurity Services and Resources

Homeland Security Perspectives: Oregon Fire District Directors Association October 25, 2018

Quadrennial Homeland Security Review (QHSR) Ensuring Resilience to Disasters

Member of the County or municipal emergency management organization

MULTI-YEAR TRAINING AND EXERCISE PLAN. Boone County Office of Emergency Management

The Office of Infrastructure Protection

Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure

Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013

June 5, 2018 Independence, Ohio

December 10, Statement of the Securities Industry and Financial Markets Association. Senate Committee on Banking, Housing, and Urban Development

PIPELINE SECURITY An Overview of TSA Programs

Water Information Sharing and Analysis Center

Physical Security Reliability Standard Implementation

Information Collection Request: The Department of Homeland. Security, Stakeholder Engagement and Cyber Infrastructure

Center for Internet Security Confidence in the Connected World

2017 SPRING INTERNSHIP PROGRAM OPPORTUNITY

Southeast Florida Regional Climate Change Compact Update. Broward Climate Change Task Force February 16, 2017

ICS-CERT Year in Review. Industrial Control Systems Cyber Emergency Response Team

Monthly Cyber Threat Briefing

Illinois Cyber Navigator Program

STRATEGY ATIONAL. National Strategy. for Critical Infrastructure. Government

Electricity Sub-Sector Coordinating Council Charter FINAL DISCUSSION DRAFT 7/9/2013

Implementing Executive Order and Presidential Policy Directive 21

The Office of Infrastructure Protection

Advanced Cyber Risk Management Threat Modeling & Cyber Wargaming April 23, 2018

Cybersecurity Overview

STRATEGIC PLAN. USF Emergency Management

Emerging Issues: Cybersecurity. Directors College 2015

The Office of Infrastructure Protection

Department of Homeland Security Updates

Cybersecurity in Government

EMERGENCY SUPPORT FUNCTION (ESF) 13 PUBLIC SAFETY AND SECURITY

National Preparedness System (NPS) Kathleen Fox, Acting Assistant Administrator National Preparedness Directorate, FEMA April 27, 2015

COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN

Updates to the NIST Cybersecurity Framework

ARRA State & Local Energy Assurance Planning & Implementation

Regional Resilience: Prerequisite for Defense Industry Base Resilience

Evaluating and Improving Cybersecurity Capabilities of the Electricity Critical Infrastructure

November 10, Notable Training Opportunities: 1 P a g e. November 2016

National Preparedness System. Update for EMForum June 11, 2014

Chapter X Security Performance Metrics

U.S. Department of Homeland Security Office of Cybersecurity & Communications

Brussels, 19 May 2011 COUNCIL THE EUROPEAN UNION 10299/11 TELECOM 71 DATAPROTECT 55 JAI 332 PROCIV 66. NOTE From : COREPER

Outreach and Partnerships for Promoting and Facilitating Private Sector Emergency Preparedness

2016 Nationwide Cyber Security Review: Summary Report. Nationwide Cyber Security Review: Summary Report

ISAO SO Product Outline

Cyber Partnership Blueprint: An Outline

Kansas City s Metropolitan Emergency Information System (MEIS)

Medical Device Cybersecurity: FDA Perspective

UNCLASSIFIED. National and Cyber Security Branch. Presentation for Gridseccon. Quebec City, October 18-21

ICBA Summary of FFIEC Cybersecurity Assessment Tool (May 2017 Update)

Regional Workshop on Frameworks for Cybersecurity and CIIP Feb 2008 Doha, Qatar

FISMA Cybersecurity Performance Metrics and Scoring

The Office of Infrastructure Protection

Cybersecurity A Regulatory Perspective Sara Nielsen IT Manager Federal Reserve Bank of Kansas City

The US National Near-Earth Object Preparedness Strategy and Action Plan

The European Policy on Critical Information Infrastructure Protection (CIIP) Andrea SERVIDA European Commission DG INFSO.A3

Overview of the Cybersecurity Framework

Bradford J. Willke. 19 September 2007

Security and resilience in Information Society: the European approach

Executive Order & Presidential Policy Directive 21. Ed Goff, Duke Energy Melanie Seader, EEI

RBI GUIDELINES ON CYBER SECURITY AND RAKSHA APPROACH

National Policy and Guiding Principles

Alternative Fuel Vehicles in State Energy Assurance Planning

GPS Vulnerability and DHS Mitigation Efforts. David Wulf Acting Deputy Assistant Secretary Infrastructure Protection Department of Homeland Security

Mission: Continuity BUILDING RESILIENCE AGAINST UNPLANNED SERVICE INTERRUPTIONS

EARTH Ex 2017 Middle Planning Conference

The Office of Infrastructure Protection

Cybersecurity Presidential Policy Directive Frequently Asked Questions. kpmg.com

Effective Cyber Incident Response in Insurance Companies

Directive on Security of Network and Information Systems

May 14, :30PM to 2:30PM CST. In Plain English: Cybersecurity and IT Exam Expectations

Earthquake Preparedness

Chapter X Security Performance Metrics

ISRAEL NATIONAL CYBER SECURITY STRATEGY IN BRIEF

NATIONAL DEFENSE INDUSTRIAL ASSOCIATION Homeland Security Symposium

Greg Garcia President, Garcia Cyber Partners Former Assistant Secretary for Cyber Security and Communications, U.S. Department of Homeland Security

2 nd Cybersecurity Workshop Test and Evaluation to Meet the Advanced Persistent Threat

Energy Assurance State Examples and Regional Markets Jeffrey R. Pillon, Director of Energy Assurance National Association of State Energy Officials

Legal and Regulatory Developments for Privacy and Security

Executive Order on Coordinating National Resilience to Electromagnetic Pulses

Critical Infrastructure Sectors and DHS ICS CERT Overview

FEMA Update. Tim Greten Technological Hazards Division Deputy Director. NREP April 2017

79th OREGON LEGISLATIVE ASSEMBLY Regular Session. Senate Bill 90

Dr. Emadeldin Helmy Cyber Risk & Resilience Bus. Continuity Exec. Director, NTRA. The African Internet Governance Forum - AfIGF Dec 2017, Egypt

CALIFORNIA CYBERSECURITY TASK FORCE

Mitigation Framework Leadership Group (MitFLG) Charter DRAFT

Department of Management Services REQUEST FOR INFORMATION

Education Network Security

Doug Couto Texas A&M Transportation Technology Conference 2017 College Station, Texas May 4, 2017

Statement for the Record

Transcription:

1 DHS Election Task Force Updates Geoff Hale, Elections Task Force Geoffrey.Hale@hq.dhs.gov

ETF Updates Where we ve made progress Services EI-ISAC/ National Cyber Situational Awareness Room What we ve learned Assessments How this shapes our next steps Reaching local officials Exercise 2

DHS Cyber Services As of 7/10/2018 Cyber Resilience Review (CRR) SERVICE Total Breakout External Dependencies Management Assessment (EDM) 8 Cyber Infrastructure Survey (CIS) EI-ISAC Membership Hunt Risk and Vulnerability Assessment (RVA) Phishing Campaign Assessment (PCA) Exercises 11 8 908 7 35 6 State: 8 Local: 2 Territorial: 1 State: 6 Local: 1 Territorial: 1 State: 6 Local: 1 Territorial: 1 State: 50 Local: 849 Territorial: 3 Association/Supporters: 6 State: 5 Local: 2 State: 18 Local: 15 Territorial: 1 Private: 1 State: 5 Local: 1 17 State: 17 Cyber Hygiene Scanning (CyHy) 91 State: 34 Local: 52 Private: 5

Progress of EI-ISAC The Election Infrastructure Information Sharing and Analysis Center was adopted by GCC in February. Since that time Rapid Membership Growth Accelerated Albert Deployment Availability of Supporting Membership Situational Awareness Room for Election Day

Membership Growth 1000 900 849 800 700 600 500 400 300 200 100 0

Albert Sensor Deployment 60 55 In Progress State: 9 Local: 9 No Information Provided: State: 5 Local: 10 35 Sensor Declined: State: 2 Local: 4 50 16 45 40 35 30 25 20 15 10 February, August, 2016 January, 2018 2018 March, 2018 April, 2018 May, 2018 Jun, 2018 Jul, 2018 Local 1 3 4 7 8 13 18 23 State 14 21 23 25 25 31 34 35

Information Sharing and Engagement Incident Notifications Q1 13 Albert Notifications 4 Open Source Notifications 72 VMP Notifications 8 Reported Incidents 1 Incident Response Q2 146 Albert Notifications 1 Open Source Notification 55 VMP Notifications 9 Reported Incidents 1 Incident Response Engage Election Stakeholders Webinars Conference Briefings and TTX Situational Awareness Rooms 7 26 6 Election Information Sharing Products ELECTION PRODUCTS Cyber Alerts Weekly News Alerts Cybersecurity Spotlight Total Election Products Disseminated 0 27 11 38

Election Day Situational Awareness Room

What We ve Learned from Assessments Penetration Testing Findings (from RVAs) Election Infrastructure Risks Spear Phishing Weaknesses Admin Password Reuse Patch Management Unsupported OS or Application Cleartext Password Disclosure

What does it mean? Identifying and addressing needs: Growing a robust dataset amplifies our understanding of risk across the sector Objective: Expand reach Risks and vulnerabilities identified can be mitigated through foundational information security practices Objective: Educate and promote basic information security practices across sector Information risk management & planning practices are not standard across the sector Objective: Support education and planning efforts according to NIST Cybersecurity Framework

2018 Election Cybersecurity Snapshots With a goal of expanding reach to local election jurisdictions and promoting foundational security practices, DHS piloted with Iowa Office of the Secretary of State (SOS), Election Cybersecurity Posters Provides each county in Iowa with o An illustrative document to share with leadership, regulators, and constituents describing the county s election cybersecurity activities and action plan o Accessible reference for cybersecurity points of contact o Checklist of high-impact initiatives recommended by the Iowa SOS and U.S. DHS

Snapshot Activities/ Safeguards Iowa Election Process Lists controls and other cybersecurity safeguards in place for each phase of the election process Election Day Guidelines Reference to key Iowa policies relating to election cybersecurity

Snapshot Threat Mitigation Specific Threats/Mitigation Description of various cyber threats to the election process along with current and planned mitigation actions Recognizing and Reporting an Incident Defines cyber incident and provides key POCs at the state and national level for incident reporting and/or assistance For Additional Information/ Questions POCs for obtaining additional information on state and national cybersecurity resources and initiatives

Snapshot 2018 Initiatives County Overview County-specific data including number of precincts and voters, types of voting equipment, and website for election information. 2018 Activities & Timeline Checklist of high-impact cybersecurity initiatives recommended by Iowa SOS and U.S. DHS for completion prior to the November 2018 election. Several initiatives take advantage of free services offered by the State of Iowa or U.S. DHS.

2018 Election Cybersecurity Initiatives Initiative 1: Cybersecurity workshop with auditors and IT staff from across the State (Target Completion: June 22) Initiative 2: Register for the Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC) at https://learn.cisecurity.org/ei-isac-registration (Target Completion: July 15) Initiative 3: Develop County Incident Response Plan including Reporting Matrix (Target Completion: August 1) Initiative 4: Schedule Cyber Hygiene Scanning. Contact ncciccustomerservice@hq.dhs.gov and reference Iowa Cyber Hygiene Initiative to obtain this service free through DHS (Target Completion: September 1) Initiative 5: Complete Securing the Human Training. Contact IVoters.support@sos.iowa.gov to schedule (Target Completion: September 1) Initiative 6: Register for services provided by the Iowa Office of the Chief Information Officer (Target Completion: September 1)

Tabletop The Vote 2018 Format: Open forum facilitated discussions conducted via VTC (or audio bridge) Date: Exercise will be repeated on three consecutive days: 13 August: (Monday) 12:00 pm to 4:00 pm 14 August (Tuesday) 12:00 pm to 4:00 pm 15 August (Wednesday) 12:00 pm to 4:00 pm Venues: FEMA Emergency Management Institute (Facilitation) DHS 1110 N. Glebe Road - Room 1128 (Federal Interagency Participation) State EOC or similar (State/County Player Locations) Parameters: Focus on cyber impacts to voter confidence and integrity of elections Discussion will be non-technical

Tabletop The Vote 2018 The purpose of this exercise is to assist DHS and elections stakeholders in identifying best practices and areas for improvement in cyber incident planning, preparedness, identification and response through simulation of a realistic scenario exploring impacts to voter confidence, voting operations, and the integrity of elections. The exercise will provide unparalleled networking opportunities for the development of information sharing relationships amongst election community stakeholders and the federal government. The exercise will also provide the opportunity for DHS and Federal interagency partners to exercise collaboration and information sharing practices both in steady state and in response to a cyber incident.

Tabletop The Vote 2018 Exercise Objectives 1. Discuss the preparedness of the state and county boards of election to respond to and manage cybersecurity incidents. 2. Discuss processes for identifying potential cybersecurity incidents or issues. 3. Examine information sharing processes among the state and county boards of election and with state and federal partners. 4. Explore processes for requesting state/federal incident response resources once county/state resources are exhausted. 5. Increase understanding of federal cyber risk management resources and incident response roles, responsibilities, and coordination processes. 6. Explore processes for addressing news and social media manipulation related to the conduct of elections. 7. Inform the development of state and county-level processes and plans to address elections-related cyber incidents.

EISSA@hq.dhs.gov ElectionTaskForce@hq.dhs.gov Geoffrey.Hale@hq.dhs.gov FOR MORE INFORMATION 19

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback