• No results found

Community Cyber Security. Center for Infrastructure Assurance and Security

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Community Cyber Security. Center for Infrastructure Assurance and Security"

Copied!
20
0
0

Loading.... (view fulltext now)

Download now ( 20 Page )

Full text

(1)
(2)

Overview

CIAS program

Nevada implementation Get involved

(3)

Physical and Cyber Threats Intersect

“The most destructive scenarios involve cyber actors launching several attacks on our critical infrastructure at once, in

combination with a physical attack on our country. Attackers could also seek to disable or degrade critical military systems and

communications networks…The collective result of these kinds of attacks could be “cyber Pearl Harbor”: an attack that would cause physical destruction and loss of life, paralyze and shock the nation, and create a profound new sense of vulnerability.”

U.S. Secretary of Defense Leon Panetta October 11, 2012

(4)

Center for Infrastructure Assurance and

Security

Center at The University of Texas at San Antonio

Small, agile and non-profit, founded in 2001

Focus areas

Cyber Security Training

Cyber Defense Competition Program Infrastructure Assurance Programs

Resources

Primarily grant funded (DHS, DoD) Others as requested

UTSA is a NSA / DHS National Center of Academic Excellence in Information Assurance Education

(5)

Completed Training and Exercises

Honolulu, HI Sacramento, CA

Palo Alto, CA San Francisco, CA (IT ISAC)

Great Falls, MT

Dover, DE

Wilmington, DE

Miami, FL (ISAC Congress) Baltimore, MD (Chemical ISAC) Virginia Beach, VA

St. Petersburg, FL (FS ISAC)

Rhode Island Cyber Terrorism Task Force

West Palm Beach, FL (FDLE) Cyber Storm I - III in Washington, D.C. Chicago, IL

(FS ISAC)

Dayton, OH

Austin, TX

San Antonio, TX Corpus Christi, TX El Paso, TX

Del Rio, TX

Houston, TX (Energy ISAC) Bossier City, LA

Alexandria, LA

New York, NY (FS ISAC)

Community and State Exercises

Critical Infrastructure Sectors/ISAC Exercises Cyber Storm I & II Exercises

Community and State Exercises

Critical Infrastructure Sectors/ISAC Exercises Cyber Storm Exercises

Oklahoma City, OK

Cyber Security Training Courses

Helena, MT

Los Angeles, CA

Fresno, CA

Des Moines, IA

Moncks Corner, SC West Columbia, SC

West Windsor, NJ Scotch Plains, NJ West Trenton, NJ

Saratoga, CA

Lakeland, FL (FDLE) Tallahassee, FL

(FDLE)

Fort Lauderdale, FL (FDLE) Jacksonville, FL (FDLE)

Tampa, FL (FDLE)

Providence, RI

Nacogdoches, TX

Completed as of September 2012

Tyler, TX Plano, TX

Springfield, IL

Santa Ana, CA Costa Mesa, CA

Philadelphia, PA

Brooklyn, NY Hamilton, NJ

Rome, NY

Montgomery, AL Charlotte, NC

Fort Myers, FL (FDLE) Raleigh, NC

Vancouver, WA Camp Murray, WA

Madison, WI Augusta, ME Richmond, VA Boston, MA Framingham, MA Oriskany, NY Albany, NY Reno, NV

(6)

Community Cyber Security Maturity Model

Developed by the CIAS

Based on our experience across the nation Development supported by Congress and DHS

Multi-dimensional

Collaboration is key

Phases connect levels Provides

Common reference Roadmap

(7)

Community Cyber Security

Phase One

Exercise #1 – cross-sector tabletop

Enhance awareness of threats, issues, vulnerabilities

Examine imperatives for policies, procedures, training and awareness Discuss internal / external information sharing

Exercise #2 – sector-based tabletop

Exercise prior event’s lessons, emphasize internal information sharing

Exercise #3 – cross-sector tabletop

Exercise prior event’s lessons, emphasize external information sharing

Transition events – before / after each exercise

Planning conferences, After Action Report Workshop

Voice and Data Security course, On-Site Cyber Security Solutions Workshops

Phases Two – Four

Increase complexity and realism

(8)

CIAS Program – Phase One Implementation

15 After Action Report

Workshop

12 Initial Planning Conference

13 Final Planning Conference

14 State Cyber Security Exercise

State & Community Exercise 3

8 Initial Planning Conference & Leading Cyber Security Course

(2nd Offering)

11 After Action Report Workshop

10 Community Cyber Security Exercise

9 Final Planning Conference Community

Exercise 2

5 After Action Report Workshop

6 Voice and Data Security Course

7 On-site Cyber Security Solutions Workshops

2 Leading Cyber Security

Course & Initial Planning Conference

3 Final Planning Conference

4 Community Cyber Security Exercise

1 Initial Contact Meeting Community

(9)

Typical Participants

City, County, State Officials – Leadership

Emergency Services, First Responders, Disaster Preparedness

Law Enforcement, Fire / Rescue, Medical

Emergency Operations Centers, Fusion Centers

Critical Infrastructure Providers – Public and Commercial

Power, Water, Telecom, ISPs, Transportation (Air, Rail, Water, Road)

Chambers of Commerce / Economic Development Organizations Major commercial community organizations

Services, financial, industrial, healthcare

Public Schools, Colleges, Universities Military – Active, Guard, Reserve

Visitors – Invited VIPs (Senators, Representatives, Governor) Media – Involvement determined by community

(10)
(11)

DHS Selects Nevada

Nevada competed for and secured this program

Letter of endorsement from Governor Sandoval

Well established cyber leadership in the state

Relationships with the major metropolitan areas

(12)

Nevada Timeline

February 2012 – September 2012

Community Exercise #1 – cross-sector tabletop Transition events – before / after each exercise

September 2012 – January 2013

Community Exercise #2 – sector-based tabletop Transition events – before / after each exercise

February 2013 – March 2013

State and Community Exercise #3 – cross-sector tabletop Transition events – before / after each exercise

(13)

Nevada Results So Far

20 community cyber security events

654 participants

High demand for technical training Positive media coverage

Working groups

Cyber Security Awareness Policies and Procedures Information Sharing Training and Education

(14)

Nevada Leaders Engaged

Cyber security stands as one of our Nation’s highest

priorities, the Nevada Commission on Homeland

Security, which I chair, also has chosen cyber security as

one our State’s highest priorities.”

Robert Sandoval, Governor of Nevada “Community Cyber Security Exercise Opening Remarks,” Reno, NV and Henderson, NV, 2012

(15)

Key Success Factors

Strong advocacy throughout the state of Nevada Leadership involvement

Public and private sector participation Excellent points of contact

(16)

How to Get Involved in Nevada

State of Nevada Point of Contact

Tim Cary

tcary@dps.state.nv.us (775) 687-0389

Clark-Las Vegas Community Point of Contact Laura Fucci

LFucci@clarkcountyNV.gov (702) 455-5853

Washoe-Carson Community Point of Contact Chris Long

(17)

Real Stories, Real Impacts

Silicon Valley Fiber Cuts

(18)

How We Can Help

Cyber Security Program Offerings

Exercises

Leadership Workshops & Seminars

Community Incident Response Planning Workshops Cyber Security Awareness Seminars

Cyber Security Training Offerings

(ISC)2 CISSP Prep

CompTIA® Security+ and Network+ Prep Voice and Data Security

Planning Cyber Security Exercises

Organizational Risk and Technical Assessment Community Dependency Mapping

(19)

Issues Throughout the Nation

Leadership in organizations and communities are NOT aware of the cyber threat

Host a half-day Executive Cyber Security Exercise

Organizations and communities don’t have an effective plan to respond to cyber security incidents

Develop, train and exercise the plan at organizations and in communities

Management and staff are unsure of the affect of a cyber incident

(20)

How to Contact CIAS

Phone

210-458-2119

Web

References

Download now ( PDF - 20 Page - 1.53 MB )

Related documents

A study of rural women farmers' access to markets in Chirumanzu

Finally a case study approach was settled on because it appeared that many authors on the subject of market access use case studies to make their arguments;

Differences in Engagement of Online Doctoral Students Based on Gender and Race

The problem is that levels of engagement among doctoral students in online programs are poorly understood, while the roles of gender and race further complicate the problem, since

Basic Principles of Chemical Kinetics

A reaction can be third-order overall without requiring any third-order step in the mechan- ism, if a rapid equilibrium maintains an intermediate X at a concentration Kab and

Peripheral Metropolitan Areas in the European Union

The Council’s tasks include: to initiate cooperation between entrepreneurs, higher education institutions and business institutions for the sake of the city’s development;

Creating Reciprocal Value Through Operational Transparency

In a field experiment conducted in a university dining hall, we demonstrate that the introduction of reciprocal operational transparency, which enabled customers and chefs to see

Border Security: Immigration Inspections at Ports of Entry

The Border Security, Economic Opportunity, and Immigration Modernization Act (S. 744), for example, would require carriers to collect electronic machine-readable biographic data

Media Competence. Articulated Proposal of Dimensions and Indicators

• Discover how media representations structure our perception of reality, often through unnoticed communications. • Evaluate the reliability of sources of

NHSCHO Inspections - A Department of Care

We spoke with the doctor who said, “I really like working in this hospital, it’s like a family.” The comment cards we collected mainly had positive responses about staff and the