Implementing the Administration's Critical Infrastructure and Cybersecurity Policy

Similar documents
Implementing Executive Order and Presidential Policy Directive 21

Executive Order & Presidential Policy Directive 21. Ed Goff, Duke Energy Melanie Seader, EEI

Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013

NATIONAL DEFENSE INDUSTRIAL ASSOCIATION Homeland Security Symposium

Overview of the Cybersecurity Framework

Framework for Improving Critical Infrastructure Cybersecurity. and Risk Approach

THE WHITE HOUSE. Office of the Press Secretary. EMBARGOED UNTIL DELIVERY OF THE PRESIDENT'S February 12, 2013 STATE OF THE UNION ADDRESS

DHS Cybersecurity: Services for State and Local Officials. February 2017

Testimony. Christopher Krebs Director Cybersecurity and Infrastructure Security Agency U.S. Department of Homeland Security FOR A HEARING ON

Critical Infrastructure Resilience

National Policy and Guiding Principles

STRENGTHENING THE CYBERSECURITY OF FEDERAL NETWORKS AND CRITICAL INFRASTRUCTURE

Challenges and Opportunities in Cyber Physical System Research

DHS Cybersecurity. Election Infrastructure as Critical Infrastructure. June 2017

ISAO SO Product Outline

Cybersecurity Presidential Policy Directive Frequently Asked Questions. kpmg.com

Office of Infrastructure Protection Overview

Federal Civilian Executive branch State, Local, Tribal, Territorial government (SLTT) Private Sector (PS) Unclassified / Business Networks

Legal and Regulatory Developments for Privacy and Security

Executive Order on Coordinating National Resilience to Electromagnetic Pulses

G7 Bar Associations and Councils

December 10, Statement of the Securities Industry and Financial Markets Association. Senate Committee on Banking, Housing, and Urban Development

U.S. Department of Homeland Security Office of Cybersecurity & Communications

The Office of Infrastructure Protection

Statement for the Record

How Cybersecurity Initiatives May Impact Operators. Ross A. Buntrock, Partner

Our Comments. February 12, VIA

POSTMARKET MANAGEMENT OF CYBERSECURITY IN MEDICAL DEVICES FINAL GUIDANCE MARCH 29, TH ANNUAL MEDICAL DEVICE QUALITY CONGRESS

THE WHITE HOUSE. Office of the Press Secretary EXECUTIVE ORDER

The Impact of US Cybersecurity Policies on Submarine Cable Systems

2014 Sector-Specific Plan Guidance. Guide for Developing a Sector-Specific Plan under NIPP 2013 August 2014

THE WHITE HOUSE Office of the Press Secretary EXECUTIVE ORDER

Information Collection Request: The Department of Homeland. Security, Stakeholder Engagement and Cyber Infrastructure

Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure

Critical Infrastructure Protection (CIP) as example of a multi-stakeholder approach.

FDA & Medical Device Cybersecurity

Homeland Security Perspectives: Oregon Fire District Directors Association October 25, 2018

The Office of Infrastructure Protection

ISRAEL NATIONAL CYBER SECURITY STRATEGY IN BRIEF

National Preparedness System (NPS) Kathleen Fox, Acting Assistant Administrator National Preparedness Directorate, FEMA April 27, 2015

Cyber Security & Homeland Security:

MYTH vs. REALITY The Revised Cybersecurity Act of 2012, S. 3414

Emergency Management Response and Recovery. Mark Merritt, President September 2011

Cybersecurity Risk Management Guide for Voluntary Use of the NIST Cybersecurity Framework

COUNCIL OF THE EUROPEAN UNION. Brussels, 28 January 2003 (OR. en) 15723/02 TELECOM 78 JAI 307 PESC 593

Cybersecurity Risk Management:

Presidential Documents

STRATEGY ATIONAL. National Strategy. for Critical Infrastructure. Government

Brussels, 19 May 2011 COUNCIL THE EUROPEAN UNION 10299/11 TELECOM 71 DATAPROTECT 55 JAI 332 PROCIV 66. NOTE From : COREPER

Framework for Improving Critical Infrastructure Cybersecurity

2 nd Cybersecurity Workshop Test and Evaluation to Meet the Advanced Persistent Threat

MEDICAL DEVICE CYBERSECURITY: FDA APPROACH

Medical Device Cybersecurity: FDA Perspective

Member of the County or municipal emergency management organization

Cyber and Supply Chain Policy Issues

DHS Election Task Force Updates. Geoff Hale, Elections Task Force

Using the NIST Framework for Metrics 5/14/2015

Why you should adopt the NIST Cybersecurity Framework

Her Majesty the Queen in Right of Canada, Cat. No.: PS4-66/2014E-PDF ISBN:

The NIST Cybersecurity Framework

The Office of Infrastructure Protection

DOE s Roles and Responsibilities for Energy Sector Cybersecurity

GAO CYBERSPACE POLICY. Executive Branch Is Making Progress Implementing 2009 Policy Review Recommendations, but Sustained Leadership Is Needed

Section One of the Order: The Cybersecurity of Federal Networks.

Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure

Overview of the Federal Interagency Operational Plans

2017 SPRING INTERNSHIP PROGRAM OPPORTUNITY

NATIONAL CYBER SECURITY STRATEGY. - Version 2.0 -

The National Medical Device Information Sharing & Analysis Organization (MD-ISAO) Initiative Session 2, February 19, 2017 Moderator: Suzanne

Package of initiatives on Cybersecurity

CSD Project Overview DHS SCIENCE AND TECHNOLOGY. Dr. Ann Cox. March 13, 2018

Cybersecurity Risk Management

Pre-Decisional Draft Working Product Do Not Cite or Quote

Resolution adopted by the General Assembly on 21 December [on the report of the Second Committee (A/64/422/Add.3)]

MARCH 2016 ONE BILLION COALITION FOR RESILIENCE

Cyber Partnership Blueprint: An Outline

Cyber Security and Cyber Fraud

COUNTERING IMPROVISED EXPLOSIVE DEVICES

Business Services Resilience and Restoration. Financial Services Sector Preparation for an Extreme Event

UNCLASSIFIED. National and Cyber Security Branch. Presentation for Gridseccon. Quebec City, October 18-21

U.S. Japan Internet Economy Industry Forum Joint Statement October 2013 Keidanren The American Chamber of Commerce in Japan

NATIONAL INFORMATION SHARING STRATEGY

Critical Infrastructure Protection and Suspicious Activity Reporting. Texas Department of Public Safety Intelligence & Counterterrorism Division

S&T Stakeholders Conference

NATIONAL STRATEGY FOR GLOBAL SUPPLY CHAIN SECURITY

COUNTERING IMPROVISED EXPLOSIVE DEVICES

Achieving Cyber-Readiness through Information Sharing Analysis Organizations (ISAOs)

SUMMARY DEPARTMENT OF DEFENSE CYBER STRATEGY

JOINT UNITED STATES-CANADA ELECTRIC GRID SECURITY AND RESILIENCE STRATEGY

how to manage risks in those rare cases where existing mitigation mechanisms are insufficient or impractical.

Advanced Cyber Risk Management Threat Modeling & Cyber Wargaming April 23, 2018

The Office of Infrastructure Protection

IMPROVING CYBERSECURITY AND RESILIENCE THROUGH ACQUISITION

Cybersecurity & Privacy Enhancements

Mapping to the National Broadband Plan

Greg Garcia President, Garcia Cyber Partners Former Assistant Secretary for Cyber Security and Communications, U.S. Department of Homeland Security

National Infrastructure Protection Plan (NIPP) Transportation Sector Specific Plan (TSSP) and The TSSP R&D Working Group

March 21, 2016 MEMORANDUM FOR THE HEADS OF EXECUTIVE DEPARTMENTS AND AGENCIES. Building National Capabilities for Long-Term Drought Resilience

February 8, Dear Dr. Cavanagh:

Cyber Security Issues and Responses. Andrew Rogoyski Head of Cyber Security Services CGI UK

Transcription:

Implementing the Administration's Critical Infrastructure and Cybersecurity Policy Cybersecurity Executive Order and Critical Infrastructure Security & Resilience Presidential Policy Directive Integrated Task Force March 5, 2013

The Need to Enhance Security and Resilience America's national security and economic prosperity are dependent upon the operation of critical infrastructure that are increasingly at risk to the effects of cyber attacks The vast majority of U.S. critical infrastructure is owned and operated by private companies A strong partnership between government and industry is indispensible to reducing the risk to these vital systems We are building critical infrastructure resiliency by establishing and leveraging these partnerships Unclassified Presenter s Name June 17, 2003 2

Taking Action In February 2013, the President announced two new policies 1) Executive Order 13636: Improving Critical Infrastructure Cybersecurity 2) Presidential Policy Directive 21: Critical Infrastructure Security and Resilience Together, they create an opportunity to work together to effect a comprehensive national approach to security and risk management Implementation efforts will drive action toward system and network security and resiliency Unclassified Presenter s Name June 17, 2003 3

Integrated Cyber-Physical Security Executive Order 13636: Improving Critical Infrastructure Cybersecurity directs the Executive Branch to: Develop a technology-neutral voluntary cybersecurity framework Promote and incentivize the adoption of cybersecurity practices Increase the volume, timeliness and quality of cyber threat information sharing Incorporate strong privacy and civil liberties protections into every initiative to secure our critical infrastructure Explore the use of existing regulation to promote cyber security Presidential Policy Directive-21: Critical Infrastructure Security and Resilience replaces Homeland Security Presidential Directive-7 and directs the Executive Branch to: Develop a situational awareness capability that addresses both physical and cyber aspects of how infrastructure is functioning in near-real time Understand the cascading consequences of infrastructure failures Evaluate and mature the public-private partnership Update the National Infrastructure Protection Plan Develop comprehensive research and development plan Unclassified Presenter s Name June 17, 2003 4

Major Deliverables Within do the following: 120 days Publish instructions to produce and disseminate unclassified threat information Report on incentives for cybersecurity Expand the Enhanced Cybersecurity Services program to all critical infrastructure sectors 150 days Identify critical infrastructure for which a cybersecurity incident will result in catastrophic regional or national effects Evaluate and enhance public-private partnership models Unclassified Presenter s Name June 17, 2003 5

Major Deliverables (continued) Within do the following: 240 days Develop a situational awareness capability for critical infrastructure Update the National Infrastructure Protection Plan Publish voluntary Cybersecurity Framework standards 365 days Report on privacy and civil rights and civil liberties risks associated with cybersecurity enhancements Beyond 365 Days Implement a voluntary critical infrastructure cybersecurity program Other deliverables are required from both documents Unclassified Presenter s Name June 17, 2003 6

Working Groups 1) Stakeholder Engagement 2) Planning and Evaluation 3) Situational Awareness and Information Exchange 4) Cyber-Dependent Infrastructure Identification 5) Incentives 6) Research and Development 7) Framework Collaboration 8) Assessments: Privacy and Civil rights & Civil Liberties Unclassified Presenter s Name June 17, 2003 7

Contact Us and Participation Federal homeland security partners administer the working groups The working groups seek regular and substantive engagement from across the community The ITF has engagements with Federal, State, local, Tribal, Territorial, international, private sector and academic partners We welcome and encourage additional engagements Inquires can be sent to EO-PPDTaskForce@hq.dhs.gov Unclassified Presenter s Name June 17, 2003 8

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback