homeland security perspectives: oregon fire district...
TRANSCRIPT
Homeland Security Perspectives:
Oregon Fire District Directors
Association
October 25, 2018
Ronald D. Watters Jr M.Ed GSLC
Cybersecurity Advisor Region X
Stakeholder Engagement and Cyber Infrastructure Resilience (SECIR)
Cybersecurity and Communications (CS&C)
HomelandSecurity
Cybersecurity Advisor (CSA) Program
The CSA Mission:
To provide direct coordination, outreach, and regional support and assistance in the
protection of cyber components essential to the Nation’s Critical Infrastructure.
In service of this mission, CSAs are guided by the following goals:
– Assess: Assess critical infrastructure cyber risk.
– Promote: Promote best practices and risk mitigation strategies.
– Build: Initiate, build capacity, and support cyber communities-of-
interest and working groups.
– Educate: Educate and raise awareness.
– Listen: Collect stakeholder requirements.
– Coordinate: Coordinate incident support and lessons-learned.
HomelandSecurity
What Is Cyber Resilience?
“… the ability to prepare for and adapt to changing
conditions and withstand and recover rapidly from
disruptions. Resilience includes the ability to
withstand and recover from deliberate attacks,
accidents, or naturally occurring threats or
incidents…”
- Presidential Policy Directive – PPD 21
February 12, 2013
Protect (Security) Sustain (Continuity)
Perform (Capability) Repeat (Maturity)
HomelandSecurity
Some Critical Cybersecurity Questions:
• How do you measure if your cybersecurity efforts are going
well?
HomelandSecurity
Some Critical Cybersecurity Questions:
• How do you measure if your cybersecurity efforts are going
well?
• Do you plan your cybersecurity activities?
HomelandSecurity
Some Critical Cybersecurity Questions:
• How do you measure if your cybersecurity efforts are going
well?
• Do you plan your cybersecurity activities?
• Do you adhere to a cybersecurity standard of practice? Is
your system accredited? Is the Accreditation reviewed
regularly?
HomelandSecurity
Some Critical Cybersecurity Questions:
• How do you measure if your cybersecurity efforts are going
well?
• Do you plan your cybersecurity activities?
• Do you adhere to a cybersecurity standard of practice? Is
your system accredited? Is the Accreditation reviewed
regularly?
• Who is responsible and accountable for cybersecurity? Are
they measuring and managing the effort?
HomelandSecurity
Some Critical Cybersecurity Questions:
• What’s at risk? Have you identified the potential consequences if
your systems are compromised? Is your system scalable?
HomelandSecurity
Some Critical Cybersecurity Questions:
• What’s at risk? Have you identified the potential consequences if
your systems are compromised? Is your system scalable?
• Have you planned for cyber incident management and exercised
that plan?
HomelandSecurity
Some Critical Cybersecurity Questions:
• What’s at risk? Have you identified the potential consequences
if your systems are compromised? Is your system scalable?
• Have you planned for cyber incident management and exercised
that plan?
• Can you sustain operations of critical processes following a
significant cyber incident?
HomelandSecurity
Analysis Paralysis
• PSUEDO Medical term for “Brain Freeze” when faced with multiple critical
projects or objectives leading to failure to complete any.
– Take one item at a time and complete it, chip away at the problem one step at a time.
• Advantage is that you can show progress completing tasks
• Disadvantage is that it takes more planning and time.
– Plan and Budget for ongoing projects• You are not going to be able to complete major infrastructure projects quickly, so plan and prepare.
• Convene a Configuration Change Management meeting to discuss and have plan approved far in
advance of actual commencement of work.
• Move expensive portions to the next Fiscal year and budget for them.
13
HomelandSecurity
Cybersecurity Offerings for CIKR and SLTT
• National Cybersecurity and Communications Integration Center (NCCIC)
• Operations
• US-CERT/ ICS-CERT Operations
• Cyber Threat Hunting and Incident Response Teams
• National Cyber Assessments and Technical Services (NCATS)
• Risk and Vulnerability Assessments (RVAs)
• Phishing Campaign Assessments (PCA)
• Vulnerability Scanning
• Industrial Control Systems (ICS) Evaluations
• Cyber Security Evaluation Tool (CSET™)
• Cyber Threat Detection and Analysis
• Cyber Exercises
• Malware Analysis
• National Cyber Awareness System
• Publications and Communications
• Stakeholder Engagement Cyber Infrastructure Resilience (SECIR)
• Cyber Education and Awareness• Federal Virtual Training Environment (Fed
VTE)
• National Initiative for Cybersecurity Careers and Studies (NICCS)
• Stop.Think.Connect.™
• Partnership and Engagements• State, Local, Tribal, and Territorial (SLTT)
engagements
• Critical Infrastructure Cyber Community Voluntary Program (C3VP) http://us-cert.gov/ccubedvp
• Stakeholder Risk Assessment and Mitigations-
• Cybersecurity Advisors (CSA)
• Cyber Resilience Reviews (CRR™)
• External Dependency Management (EDM) Assessments
• Cyber Infrastructure Surveys
Contact Information
Department of Homeland SecurityNational Protection and Programs Directorate
Office of Cybersecurity and Communications
Stakeholder Engagement and Cyber Infrastructure Resilience
Stakeholder Risk Assessment and Mitigation
General Inquiries
Incident Response and Information Sharing
Contact InformationRonald WattersCybersecurity Advisor Region XSeattle, WA
[email protected](206)348-4071