mioc overview and assessment capabilities - …...assessment capabilities unclassified michigan...
TRANSCRIPT
MIOC Overview and Assessment Capabilities
UNCLASSIFIED
Michigan Fusion Centers
◼ Michigan Intelligence Operations Center (MIOC)
◼ Detroit & Southeast Michigan Information & Intelligence Center (DSEMIIC)
UNCLASSIFIED
Michigan State PoliceDepartment of
Homeland SecurityFederal Bureau of
Investigation
Statewide
Southeast
Michigan
State Fusion
Center
UASI Fusion
Center Node
Fusion Center
UNCLASSIFIED
ROLE OF THE MIOC AND DSEMIIC
➢ Facilitate the sharing of homeland security and criminal related information and intelligence.
➢ Collaborate to create a shared view of homeland security, as well as criminal threats within the Great Lakes Region.
➢ Bridge the information gap between local law enforcement agencies, federal law enforcement agencies, public safety, and private partners.
➢ Produce and disseminate actionable intelligence products against perceived and identified threats or hazards.
UNCLASSIFIED
MIOC Personnel & Facility
Coast
Guard
DHS IRS
MDOC
CBP(OIC)
MSPJTTFFBINational
Guard
Sec of
State
UNCLASSIFIED
➢ International & Domestic Terrorism
➢Organized Crime
➢Crime Patterns and Mapping
➢Cyber Crime
➢Gangs-Prison, Street, Motorcycle
➢Special Events Support
➢Narcotics & Smuggling
➢Financial Crimes
➢Case Support
Analytical Support
UNCLASSIFIED
CIP Unit
◼ Maintain open communications with the Critical Infrastructure and Key Resources operators and Security managers to ensure cooperation in information management and exchange
◼ Conduct security assessments at infrastructure facilities and entertainment venues
◼ Facilitate public and private sector security consortiums across the state
UNCLASSIFIED
Overview
◼ IP Gateway Assessments
◼ Physical Security Assessments
◼ Hazard and Vulnerability Assessments
◼ Special Event Assessments
◼ Cyber Assessments
◼ Key Areas of Concern
◼ Benefits to Owner/Operators.
◼ Data Protections
8
UNCLASSIFIED
What Is the Infrastructure
Protection Gateway?
◼ IP Gateway enables state, local, tribal,
and territorial (SLTT) and Federal
partners to manage information about
the infrastructure in their communities
for risk management, infrastructure
protection, event planning, and
incident response activities.
UNCLASSIFIED
Survey and Assessment Types
◼ Rapid
◼ Standard
◼ Expanded
10
UNCLASSIFIED
IP Gateway: Rapid Survey Tool
◼ Rapid: An abbreviated survey designed to gather the most critical cyber and physical information about a facility with fewer questions than the Standard Survey.
- Approximate time to complete: 1-3 hours
11
UNCLASSIFIED
IP Gateway: Rapid Survey Tool
◼ Ideal for Smaller Facilities
◼ Establishes a Baseline Score
◼ Roughly 33% Physical, 33% Cyber, 33% Resiliency
◼ Provides Interactive Information Center
UNCLASSIFIED
IP Gateway Facility Dashboard
13
Courtesy of DHS
IP Gateway Facility Dashboard
14
Courtesy of DHS
IP Gateway: Standard Survey Tool
◼ Standard: A survey that allows government assessors to collect detailed facility information, enabling the infrastructure protection community to conduct vulnerability comparisons.
- Approximate time to complete: 1 day
15
Courtesy of DHS
UNCLASSIFIED
IP Gateway: Standard Survey Tool
◼ Used for larger or more critical “Lifeline” Facilities
◼ Provides detailed dashboards with comprehensive data
◼ Covers primarily Physical Security and Resilience Management
UNCLASSIFIED
IP Gateway: Expanded Survey Tool
◼ Expanded: An extended version of the Standard Survey that provides a comprehensive assessment of a facility’s physical and cyber assets, with a focus on system interdependencies and options for improvement.
- Approximate time to complete: 5-7 days
17
UNCLASSIFIED
IP Gateway: Expanded Survey Tool
◼ Formerly known as a “Site Assistance Visit” or SAV
◼ Used for Major Critical Infrastructure Throughout the country
◼ Requires an entire team
◼ Rarely completed anymore, many functions have been folded into Standard Assessment.
UNCLASSIFIED
Physical Security Assessment
◼ Conducted on a specific facility.
◼ Looks purely at the physical attributes of a facility and measures in place to protect it.
◼ Federal Law Enforcement Training Center – Physical Security Training Program Methodology
UNCLASSIFIED
Physical Security Assessment
◼ Examines the following principles– CPTED
– Access Controls
– Risk Management
– Perimeter Security
– Intrusion Detection
– Access Control
– Guard Force
– Illumination
Hazard and Vulnerability Assessment
◼ Examines a specific facility
◼ Looks at Threat Vectors and Hazards that could potentially cause a risk to that facility in a variety of situations(Risk = Threat + Vulnerability).
◼ Utilizes the HVA Methodology through Argonne National Laboratory
UNCLASSIFIED
Hazard and Vulnerability Assessment
◼ Threat Vectors Examined– Foreign/Domestic Terror Groups
– Active Shooter
– IED
– UAS
– Vehicle Attack
– Criminal Threat
– Natural Hazard
– Insider Threat
UNCLASSIFIED
Special Event Assessment
◼ Provides a combination of HVA and physical security assessment methodology examining a specific event and its venue
◼ Examines threats affecting not only the specific event, but also similar events or venues world wide.
UNCLASSIFIED
Special Event Assessment
◼ Utilized for events across Michigan– Mackinac Bridge Walk
– Electric Forest Festival
– Detroit Tigers Season
◼ Examines Threat Vectors related to: – Event Type
– Event Venue
– Externa/Internal Threat
– Criminal Threat(drugs, theft, etc…)
– Natural Hazards
UNCLASSIFIED
Cyber Assessments
◼ Offered through the Michigan Cyber Command Center (MC3)
◼ Completely hands-off as MC3 personnel do not physically touch the organization’s network
◼ Conversation based and covers a wide variety of subjects within the cybersecurity arena
UNCLASSIFIED
Cyber Assessments
◼ Assessments provide options for consideration.
◼ NOT subject to Freedom of Information Act Requests (FOIA)
◼ Access/Key Control technology.
◼ Utilization of surveillance technology
(Cameras) and how they are employed.
◼ In-house and contract security forces and
weapons policy.
◼ Impacts of localized crime on the facility.
◼ Illumination/Lighting of significant asset
areas and parking areas.
◼ Previous Security Issues.27
Key Area Of Concern
UNCLASSIFIED
◼ Objective review of current security measures
and technology.
◼ Identification of security gaps and
vulnerabilities.
◼ Write up document provided explaining
results.
◼ Exterior Areas of Concern, Interior Areas of
Concern, Commendable Areas and Protective
measures and “Options for Considerations”
are provided.28
Benefits to
Owner/Operators
UNCLASSIFIED
Benefits to
Owner/Operators
◼ Nothing pertaining to the assessment
results are prescriptive or regulatory.
◼ Data Protections for your facility and
the assessment results
◼ FREE
◼ Information available through the IP Gateway is
protected under the Protected Critical
Infrastructure Information (PCII) Program. This
program protects voluntarily submitted critical
infrastructure information through exemption from:
– Freedom of Information Act (FOIA)
– State and local disclosure laws
– Use in civil litigation
– Regulatory use
30
UNCLASSIFIED
Data Protections
QUESTIONS?
UNCLASSIFIED
PROTECTING THE CITIZENS OF MICHIGAN ALL THREATS. ALL HAZARDS.
24x7x365
MIOC CIP Desk: 517-712-1556
E-mail: [email protected]
1-855-MICHTIP (642-4847)
MC3: [email protected]
MIOC Operations: (517) 241-8000 DSEMIIC: (313) 967-4600
UNCLASSIFIED