• No results found

Cybersecurity Risk Information Sharing Program (CRISP): Bi-Directional Trust

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Cybersecurity Risk Information Sharing Program (CRISP): Bi-Directional Trust"

Copied!
19
0
0

Loading.... (view fulltext now)

Download now ( 19 Page )

Full text

(1)

Cybersecurity Risk

Information Sharing

Program (CRISP):

Bi-Directional Trust

Michael E. Smith

Senior Cyber Policy Advisor to the Assistant Secretary,

(2)

How serious is the threat?

Sophisticated, patient actors have gained direct access to control systems

 Presence goes undetected for years

More ICS devices are being connected to the internet, intentionally and unintentionally

Search engines are enabling the discovery and identification of internet facing devices

(3)

Objectives

Increase awareness of the Cybersecurity Risk Information Sharing Program (CRISP) and its robust new model of

public-private partnership

Recognize the challenges posed by current U.S. laws and policies in getting CRISP up and running

Examine how we jointly addressed these challenges Persuade you to pursue similar partnerships

(4)

What is the impact of CRISP?

One of a kind partnership

Pushing the boundaries of information

sharing

Current participants provide electric

power to 60,107,604 customers - 45.68%

of the continental U.S. total

(5)

The Foundation of Trust

Achieving bi-directional trust

The authorities and policies that define

our relationship

The programs and events that sustain our

relationship

(6)

The Energy Sector Roadmap

Provides strategic framework to:

Align activities to sector

needs

Coordinate public and private

programs

Stimulate investments in ICS

security

www.controlsystemsroadmap.net

Build a Culture of Security

Assess and Monitor Risk Develop and Implement New Protective Measures to Reduce Risk Manage Incidents Sustain Security Improvements

(7)

Participants

The government

 Department of Energy

 And the rest of the government

Industry

 Energy Sector

 Information Sharing and Analysis Centers  Owners and operators

(8)

Architecture

Actionable Indicators Analysis Reports Situational Awareness

Cyber Fed Model (CFM)

Energy Sector

Electricity Information Sharing and Analysis Center

(ISAC)

Downstream Natural Gas ISAC

Oil and Natural Gas ISAC

Operational Pilots Asset Owners Selected Data Transferred to a Highly Secure DOE

Environment Analytics Analysis Anonymized Multi-Agency Classified Analytics Multi-Agency Classified Information: Actionable Indicators Tools and Techniques Information Sharing Enriched Data DOE Energy Sector Cyber Intel Unit

(9)

Five Year Plan – Mission and Vision

Mission: By utilizing advanced technologies and innovative analytical

capabilities:

establish and maintain effective collaboration with energy sector partners through robust bi-directional information sharing

provide energy sector partners with targeted, actionable information to enable requirement setting, detection, prevention, mitigation, and rapid response to emerging threats

Vision: By 2019, an enduring, trusted bi-directional information sharing

partnership between the Department of Energy and its energy sector partners significantly enhances the security of energy sector infrastructure systems and improves the U.S. Government’s near real-time situational awareness.

(10)

Five Year Plan - Goals

Efficient and effective decision making is a sector challenge DOE will focus on three strategic goals to address this

challenge:

Data enrichmentAnalytic platformOperational pilots

(11)

Strategic Goal 1: Data Enrichment

Analytics Analysis Anonymized Multi-Agency Classified Analytics Multi-Agency Classified Information: Actionable Indicators Tools and Techniques Information Sharing Enriched Data DOE Energy Sector Cyber Intel Unit

(12)

Strategic Goal 2: Analytic Platform

Platform is key to managing increasing data diversity and must:

provide both industry and government with near real-time

actionable threat information;

facilitate collaborative analysis; and

deliver the insight required for crucial risk management decisions.

The platform will also:

 shape and evaluate sensor technologies;  identify capability gaps; and

(13)

Strategic Goal 3: Operational Pilots

Investigate technologies and capabilities that improve CRISP

Ensure operational activities align with industry priorities

Collaborate with DHS, the ISACs, energy sector, and

cybersecurity vendors to:

identify and validate pilot targeted capabilitiesreview proposals, and select pilot awardeesconduct subsequent evaluation and assessment

(14)

1

st

Operational Pilot – Norse-FireEye

Norse Corporation

FireEye

(15)

Year One Results

Direct results:

 capability (architectural, technology, and process) improvements and/or

gaps identified and incorporated by CRISP, Norse, FireEye and the volunteer participants;

 volunteer participants choose to remain in CRISP after the pilot ends

Indirect results:

 raising energy sector awareness of the range of best in class commercially

available cybersecurity capabilities while also;

 raising the cybersecurity industry awareness of the unique concerns,

(16)

Next Operational Pilots – ICS Focused

Adding two new national labs

Fully implementing

machine-to-machine sharing

Identifying and employing ICS

situational awareness capabilities

(17)

Apply

Develop your own trusted information sharing relationships Actively participate in U.S. Government information sharing programs

Question existing information sharing models and advocate for improvements

(18)

Summary – We can’t wait…

CRISP represents a ground-breaking new model of public-private partnership

U.S. laws and policies have historically not kept pace with the current cyber threat landscape nor with this type of

aggressive partnership

DOE and its energy sector partners jointly decided that we needed to act now

(19)

Questions?

Mike Smith 202-586-8710

[email protected]

Cybersecurity for Energy Delivery Systems Program

Website:

References

Download now ( PDF - 19 Page - 411.84 KB )

Related documents

Exploring Antecedents of Those Who Practice Servant Leadership

The participants, who claim and are assumed to be servant leaders, described characteristics of the best leaders they have followed and the resulting descriptors (Appendix I)

ADVERTIMENT ADVERTENCIA WARNING

We only consider the traditional vertical axes, i.e., the child (‘/’) axis and the descendant (‘//’) axis, and we also assume set semantics, that is, we disregard the order in

Sustainability through Risk Management. A guide to embedding sustainability into corporate DNA using traditional management tools

Materiality Assessment : analyze the sustainability risks identified by your panel and determine the likelihood of each risk occurring, the significance of the risk to

paying as little as 47 per month for Agency Manager 4.

Agency Manager provides users with a range of information designed for the Workers and supervisory on call staff.. Detailed Timesheet, with work detail from schedule and roster,

A-Base Online Booking System. General Information. Please download an updated version of this document.

This does the job of the previous manual booking sheet and allows members at the rooms to view, create and delete bookings as well as providing a means for

Ohio Crisis Pregnancy Centers Revealed

It also creates a compelling case for state and local inter- vention so that we can ensure that women are aware of the limitations of CPC services while also ensuring that

An examination of the homentropic Euler equations with averaged characteristics

The new equations are referred to as the characteristically averaged homentropic Euler (CAHE) equations. An existence and uniqueness proof for the modified equations is given. The