DoD CIO UNCLASSIFIED. DIB CS Program Value-Added
|
|
- Brianna Chandler
- 7 years ago
- Views:
Transcription
1 DoD CIO DoD-Defense Industrial Base Cybersecurity (DIB CS) Information Sharing Program A Public-Private Cybersecurity Partnership Ms. Vicki Michetti Director, DoD-DIB CS Program October,
2 DIB CS Program Value-Added DoD CIO A public-private cybersecurity partnership that: Provides a collaborative environment for sharing unclassified and classified cyber threat information Offers analyst-to-analyst exchanges, mitigation and remediation strategies Provides companies analytic support and forensic malware analysis Increases U.S. Government and industry understanding of cyber threat Enables companies to better protect unclassified defense information on company networks or information systems Protects confidentiality of shared information Mission: Enhance and supplement Defense Industrial Base (DIB) participants capabilities to safeguard DoD information that resides on, or transits, DIB unclassified information systems 2
3 DIB CS Program Eligibility DoD CIO A contractor must be a Cleared Defense Contractor (CDC) and shall: (1) Have an existing active Facility Clearance (FCL) granted under NISPOM (DoD M); (2) Execute the standardized Framework Agreement (FA) with the Government, (3) To receive classified cyber threat information electronically: (i) Have or acquire a Communication Security (COMSEC) account in accordance with the NISPOM Chapter 9, Section 4 (DoD M), which provides procedures and requirements for COMSEC activities; and (ii) Have or acquire approved safeguarding for at least Secret information, and continue to qualify under the NISPOM for retention of its FCL and approved safeguarding; and (iii) Obtain access to DoD's secure voice and data transmission systems supporting the voluntary DoD-DIB CS information sharing program. 3
4 DIB CS Program Participation DoD CIO DIB CS Participants are CDCs: Large, mid, and small-sized defense contractors Sole source providers, market competitors, joint-development partners, supply chain vendors Manufacturers of weapon systems, platforms, and critical parts Federally Funded Research and Development Centers (FFRDCs) Commercial Solution and Service Providers University Affiliated Research Centers 4
5 DIB CS Program Construct DoD CIO Framework Agreement Damage Assessment Information Sharing Reporting and Response 5
6 DoD CIO DIB CS Program Framework Agreement Bilateral agreement between DoD and DIB Partner Initiates unique threat information sharing environment to safeguard cyber threat information and protect company equities Precludes unfair advantage Builds trusted partnership between senior DoD and Corporate senior officials Amendments Wholly-owned Subsidiaries International Business Units 3 rd Party Service Provider 6
7 DIB CS Program Information Sharing DoD CIO The DoD Cyber Crime Center (DC3) implements the DIB CS Program and provides: - Unclassified actionable cyber threat information - Classified contextual information - Mitigation and remediation strategies - Analyst-to-Analyst discussions and other collaboration activities 7
8 DoD CIO DIB CS Program DoD Cyber Crime Center (DC3) A National Cyber Center supporting law enforcement, counterintelligence info assurance & protecting critical infrastructure National Cyber Investigative Joint Task Force (NCIJTF) DoD Cyber Crime Center (DC3) U.S. Cyber Command (USCYBERCOM) Dept of Homeland Security (DHS) Nat l Cybersecurity & Communications Integration Center (NCCIC) NSA/Central Security Service (CSS) Threat Operations Center (NTOC) NCCIC regularly partners with FBI and USSS teams in the same capacity as those from the cyber centers Intelligence Community Incident Response Center (IC-IRC) Cyber Threat Intelligence Integration Center (CTIIC) 8
9 DIB CS Program DC3 Operations DoD CIO Defense Computer Forensics Laboratory (DCFL) Defense Cyber Crime Center Analytical Group (DC3-AG) Defense Cyber Investigations Training Academy (DCITA) Defense Cyber Crime Institute (DCCI) Defense Industrial Base Collaborative Information Sharing Environment (DCISE) 9
10 DoD CIO DIB CS Program DoD-DIB Program Reporting and Response DC3 serves as the single DoD focal point for receiving all cyber incident reporting affecting unclassified networks of DoD contractors DIB companies report cyber incidents within 72 hours of discovery to DC3 at dibnet.dod.mil - DIB CS participants receive a non-attribution version of reported information in nearreal-time - DIB participants receives analytical support and mitigation and remediation strategies DC3 conducts forensic analysis of malicious software (malware) DC3 develops incident trends, best practices and other information useful to DIB CS participants 10
11 DoD CIO DIB CS Program Cyber Incident Reporting by DoD Contractors What is a cyber incident? Defined as actions taken through the use of computer networks that result in a compromise or an actual or potentially adverse effect on an information system and/or the information residing therein Who should report and why? DoD contractors report cyber incidents in accordance with the DFARS Clause DoD contractors report in accordance with other reporting requirements identified in a contract or other agreement. DoD Cloud Service Providers report cyber incidents specified in the clause , Cloud Computing Services DoD-DIB CS Participants voluntarily report cyber incidents for situational awareness 11
12 DoD CIO DIB CS Program DIB Cybersecurity Web Portal Report a Cyber Incident Access to this page requires a DoD-approved medium assurance certificate. For more information please visit the ECA website. Apply to DIB CS Program Cleared defense contractors apply to join the DIB CS Program for voluntary cyber threat information sharing. Access requires a DoDapproved medium assurance certificate. For more information please visit the ECA website. Login to DIB CS Information Sharing Portal Current DIB CS Program participants login to the DIBNet portal. Access requires a DoDapproved medium assurance certificate. For more information please visit the ECA website. DIBNet.dod.mil 12
13 DoD CIO DIB CS Program Modifications to DIB CS Program DoD published revised 32 CFR Part 236, DoD-Defense Industrial Base (DIB) Cybersecurity (CS) Activities Interim Final rule on Oct. 2, Modifies eligibility criteria to permit greater participation in voluntary DoD-DIB Cybersecurity information sharing program: All participating DIB Companies have access to unclassified cyber threat information (DIBNet-U) DIB company may also elect to receive classified cyber threat information electronically (DIBNet-S) - Encourages voluntary cyber incident and indicator reporting by DIB participants for cyber situational awareness that does not meet threshold of mandatory reporting requirements - Aligns with mandatory cyber incident reporting requirements DFARS Case 2013-D018, Network Penetration Reporting and Contracting for Cloud Services - Applies only to Other Types of Agreements (OTAs) 13
14 DoD CIO DIB CS/IA Program Enhanced Cyber Security Services (ECS) ECS is a DHS managed voluntary program that helps U.S. based public and private entities protect their systems from unauthorized access, exploitation, or data exfiltration Shares sensitive and classified government-vetted cyber threat information with qualified Commercial Service Providers (CSPs) and Operational Implementers (OIs) CSPs use cyber threat information to protect their customers OIs use cyber threat information to protect their own networks Two approved countermeasures DNS Sinkholing Filtering Four approved CSPs AT&T: ecs-pmo@list.att.com Centurylink: ecs@centurylink.com Verizon: vz-ecs@one.verizon.com Lockheed Martin: ecs.lm@lmco.com 14
15 DIB CS Program Summary DoD CIO DIB CS program: Creates a trusted sharing environment between DoD and DIB participants Enables DIB CS participants to improve network security and better understand the cyber threat Is a proven public-private cybersecurity partnership Promotes cyber threat sharing between the U.S. Government and Industry 15
16 DIB CS Program Contact Information DoD CIO DIB CS Program: Phone: (703) Toll Free Number: FAX: (571) CFR Part 236: 16
DEPARTMENT OF DEFENSE BILLING CODE 5001-06. Department of Defense (DoD)-Defense Industrial Base (DIB) Cybersecurity (CS) Activities
This document is scheduled to be published in the Federal Register on 10/02/2015 and available online at http://federalregister.gov/a/2015-24296, and on FDsys.gov DEPARTMENT OF DEFENSE BILLING CODE 5001-06
More informationDepartment of Defense DIRECTIVE
Department of Defense DIRECTIVE NUMBER 5505.13E March 1, 2010 ASD(NII)/DoD CIO SUBJECT: DoD Executive Agent (EA) for the DoD Cyber Crime Center (DC3) References: See Enclosure 1 1. PURPOSE. This Directive:
More informationCOMMENTS OF THE ELECTRONIC PRIVACY INFORMATION CENTER THE DEPARTMENT OF DEFENSE [DOD-2009-OS-0183/RIN 0790-AI60]
COMMENTS OF THE ELECTRONIC PRIVACY INFORMATION CENTER to THE DEPARTMENT OF DEFENSE Defense Industrial Base (DIB) Voluntary Cyber Security and Information Assurance (CS/IA) Activities By notice published
More informationOutside Director and Proxy Holder Training: Module 1: Intro to DSS and Foreign Ownership, Control, or Influence (FOCI) Defense Security Service
Outside Director and Proxy Holder Training: Module 1: Intro to DSS and Foreign Ownership, Control, or Influence (FOCI) Defense Security Service February 2014 Training Objectives DSS Agency DSS Mission
More informationSEC.. DEFENSE CYBER CRIME CENTER: AUTHORITY TO ADMIT PRIVATE SECTOR CIVILIANS TO CYBER SECURITY COURSES.
SEC.. DEFENSE CYBER CRIME CENTER: AUTHORITY TO ADMIT PRIVATE SECTOR CIVILIANS TO CYBER SECURITY COURSES. 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 (a) AUTHORITY FOR ADMISSION. The Secretary
More informationWhy Cybersecurity Matters in Government Contracting. Robert Nichols, Covington & Burling LLP
Why Cybersecurity Matters in Government Contracting Robert Nichols, Covington & Burling LLP Cybersecurity is the No. 1 Concern of General Counsel and Directors 2 Cybersecurity Concerns in the Government
More information(Billing Code 5001-06) Defense Federal Acquisition Regulation Supplement: Network. Penetration Reporting and Contracting for Cloud Services (DFARS
This document is scheduled to be published in the Federal Register on 08/26/2015 and available online at http://federalregister.gov/a/2015-20870, and on FDsys.gov (Billing Code 5001-06) DEPARTMENT OF DEFENSE
More informationHow To Protect Your Data From Being Hacked
Cyber Division & Manufacturing Division Joint Working Group Cyber Security for the Advanced Manufacturing Enterprise Manufacturing Division Meeting June 4, 2014 Michael McGrath, ANSER michael.mcgrath@anser.org
More informationIntegrating Cybersecurity with Emergency Operations Plans (EOPs) for Institutions of Higher Education (IHEs)
Integrating Cybersecurity with Emergency Operations Plans (EOPs) for Institutions of Higher Education (IHEs) Amy Banks, U.S. Department of Education, Center for School Preparedness, Office of Safe and
More informationCRISIS MANAGEMENT AND FIRST AID: WHEN GOVERNMENT CONTRACTORS ARE THE HEADLINERS WELCOME
CRISIS MANAGEMENT AND FIRST AID: WHEN GOVERNMENT CONTRACTORS ARE THE HEADLINERS WELCOME CYBER CRISIS MANAGEMENT: ARE YOU PREPARED? Evan Wolff David Bodenheimer Kelly Currie Kate Growley Overview Cybersecurity
More informationDepartment of Defense INSTRUCTION. Security of Unclassified DoD Information on Non-DoD Information Systems
Department of Defense INSTRUCTION NUMBER 8582.01 June 6, 2012 DoD CIO SUBJECT: Security of Unclassified DoD Information on Non-DoD Information Systems References: See Enclosure 1 1. PURPOSE. This Instruction:
More informationIntegrating Cybersecurity with Emergency Operations Plans (EOPs) for K-12 Education
Integrating Cybersecurity with Emergency Operations Plans (EOPs) for K-12 Education Amy Banks, U.S. Department of Education, Center for School Preparedness, Office of Safe and Healthy Students Hamed Negron-Perez,
More informationDOD Takes Data-Centric Approach To Contractor Cybersecurity
Portfolio Media. Inc. 860 Broadway, 6th Floor New York, NY 10003 www.law360.com Phone: +1 646 783 7100 Fax: +1 646 783 7161 customerservice@law360.com DOD Takes Data-Centric Approach To Contractor Cybersecurity
More informationLegislative Language
Legislative Language SECTION 1. DEPARTMENT OF HOMELAND SECURITY CYBERSECURITY AUTHORITY. Title II of the Homeland Security Act of 2002 (6 U.S.C. 121 et seq.) is amended (a) in section 201(c) by striking
More informationDepartment of Defense INSTRUCTION. SUBJECT: Communications Security (COMSEC) Monitoring and Information Assurance (IA) Readiness Testing
Department of Defense INSTRUCTION NUMBER 8560.01 October 9, 2007 ASD(NII)/DoD CIO SUBJECT: Communications Security (COMSEC) Monitoring and Information Assurance (IA) Readiness Testing References: (a) DoD
More informationSeptember 10, 2015. Dear Administrator Scott:
September 10, 2015 Tony Scott United States Chief Information Officer Administrator, Office of Electronic Government and Information Technology Office of Management and Budget 725 17th Street, NW Washington,
More informationVersion 2.0. August 2015. Office of the Deputy Assistant Secretary of Defense for Systems Engineering. Washington, D.C.
Guidance to Stakeholders for Implementing Defense Federal Acquisition Regulation Supplement Clause 252.204-7012 (Safeguarding Unclassified Controlled Technical Information) Version 2.0 August 2015 Office
More informationDepartment of Defense DIRECTIVE
Department of Defense DIRECTIVE NUMBER 5205.16 September 30, 2014 USD(I) SUBJECT: The DoD Insider Threat Program References: See Enclosure 1 1. PURPOSE. In accordance with sections 113 and 131 through
More informationCYBERSECURITY RISK MANAGEMENT
CYBERSECURITY RISK MANAGEMENT Evan Wolff Maida Lerner Peter Miller Kate Growley 233 Roadmap Cybersecurity Risk Overview Cybersecurity Trends Selected Cybersecurity Topics Critical Infrastructure DFARS
More informationCybersecurity and Data Breach: Mitigating Risk and How Government Policymakers Approach These Critical Issues
Cybersecurity and Data Breach: Mitigating Risk and How Government Policymakers Approach These Critical Issues Todd Bertoson Daniel Gibb Erin Sheppard Principal Senior Managing Associate Counsel todd.bertoson@dentons.com
More informationTHE 411 ON CYBERSECURITY, INFORMATION SHARING AND PRIVACY
THE 411 ON CYBERSECURITY, INFORMATION SHARING AND PRIVACY DISCLAIMER Views expressed in this presentation are not necessarily those of our respective Departments Any answers to questions are our own opinions
More informationTo improve cybersecurity in the United States through enhanced sharing of information about cybersecurity threats, and for other purposes.
BAG15121 Discussion Draft S.L.C. 114TH CONGRESS 1ST SESSION S. XXXX To improve cybersecurity in the United States through enhanced sharing of information about cybersecurity threats, and for other purposes.
More informationDIVISION N CYBERSECURITY ACT OF 2015
H. R. 2029 694 DIVISION N CYBERSECURITY ACT OF 2015 SEC. 1. SHORT TITLE; TABLE OF CONTENTS. (a) SHORT TITLE. This division may be cited as the Cybersecurity Act of 2015. (b) TABLE OF CONTENTS. The table
More informationS. ll. To improve cybersecurity in the United States through enhanced sharing of information about cybersecurity threats, and for other purposes.
BAG0 Discussion Draft S.L.C. TH CONGRESS D SESSION S. ll To improve cybersecurity in the United States through enhanced sharing of information about cybersecurity threats, and for other purposes. IN THE
More informationAn Overview of Large US Military Cybersecurity Organizations
An Overview of Large US Military Cybersecurity Organizations Colonel Bruce D. Caulkins, Ph.D. Chief, Cyber Strategy, Plans, Policy, and Exercises Division United States Pacific Command 2 Agenda United
More informationDIVISION N CYBERSECURITY ACT OF 2015
U:\0REPT\OMNI\FinalOmni\CPRT--HPRT-RU00-SAHR0-AMNT.xml DIVISION N CYBERSECURITY ACT OF 0 SEC.. SHORT TITLE; TABLE OF CONTENTS. (a) SHORT TITLE. This division may be cited as the Cybersecurity Act of 0.
More informationS. ll IN THE SENATE OF THE UNITED STATES A BILL
TH CONGRESS ST SESSION S. ll To codify mechanisms for enabling cybersecurity threat indicator sharing between private and government entities, as well as among private entities, to better protect information
More informationCybersecurity and internal audit. August 15, 2014
Cybersecurity and internal audit August 15, 2014 arket insights: what we are seeing so far? 60% of organizations see increased risk from using social networking, cloud computing and personal mobile devices
More informationSTATEMENT BY DAVID DEVRIES PRINCIPAL DEPUTY DEPARTMENT OF DEFENSE CHIEF INFORMATION OFFICER BEFORE THE
STATEMENT BY DAVID DEVRIES PRINCIPAL DEPUTY DEPARTMENT OF DEFENSE CHIEF INFORMATION OFFICER BEFORE THE HOUSE OVERSIGHT AND GOVERNMENT REFORM COMMITTEE S INFORMATION TECHNOLOGY SUBCOMMITTEE AND THE VETERANS
More informationThe Department of Homeland Security The Department of Justice
The Department of Homeland Security The Department of Justice to Assist Non-Federal Entities to Share Cyber Threat Indicators and Defensive Measures with Federal Entities under the Cybersecurity Information
More informationCyber Security for Advanced Manufacturing Next Steps
Status Update Cyber Security for Advanced Manufacturing Next Steps NDIA Manufacturing Division February 19, 2015 Michael McGrath Consultant, Analytic Services Inc. michael.mcgrath@anser.org NDIA White
More informationBy: Gerald Gagne. Community Bank Auditors Group Cybersecurity What you need to do now. June 9, 2015
Community Bank Auditors Group Cybersecurity What you need to do now June 9, 2015 By: Gerald Gagne MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2015 Wolf & Company, P.C. Cybersecurity
More informationImplementing Program Protection and Cybersecurity
Implementing Program Protection and Cybersecurity Melinda Reed Office of the Deputy Assistant Secretary of Defense for Systems Engineering Mark Godino Office of the Deputy Assistant Secretary of Defense
More informationWhat The OMB Cybersecurity Proposal Does And Doesn't Do
Portfolio Media. Inc. 860 Broadway, 6th Floor New York, NY 10003 www.law360.com Phone: +1 646 783 7100 Fax: +1 646 783 7161 customerservice@law360.com What The OMB Cybersecurity Proposal Does And Doesn't
More informationLegislative Language
Legislative Language SEC. 1. COORDINATION OF FEDERAL INFORMATION SECURITY POLICY. (a) IN GENERAL. Chapter 35 of title 44, United States Code, is amended by striking subchapters II and III and inserting
More informationPrivacy and Data Security Update for Defense Contractors
Privacy and Data Security Update for Defense Contractors T.J. Crane May 19, 2017 Overview DoD interim rule Expanded DFAR reporting obligations New DFAR definitions Cloud services Changes to local breach
More informationThe U.S. Department of Homeland Security s Response to Senator Franken s July 1, 2015 letter
The U.S. Department of Homeland Security s Response to Senator Franken s July 1, 2015 letter 1. In what ways do private entities currently share with, and receive from, the government cyber threat information?
More informationHow To Make A National Security Agreement Between Dhs And Dod
MEMORANDUM OF AGREEMENT BETWEEN THE DEPARTMENT OF HOMELAND SECURITY AND THE DEPARTMENT OF DEFENSE REGARDING CYBERSECURITY 1. PARTIES. The parties to this Agreement are the Department of Homeland Security
More informationGAO. IT SUPPLY CHAIN Additional Efforts Needed by National Security- Related Agencies to Address Risks
GAO For Release on Delivery Expected at 10:00 a.m. EDT Tuesday, March 27, 2012 United States Government Accountability Office Testimony Before the Subcommittee on Oversight and Investigations, Committee
More informationDefense Security Service
Defense Security Service Defense Security Service Cybersecurity Operations Division Counterintelligence UNCLASSIFIED Defense Security Service DSS Mission DSS Supports national security and the warfighter,
More informationFederal Register / Vol. 80, No. 165 / Wednesday, August 26, 2015 / Rules and Regulations
Federal Register / Vol. 80, No. 165 / Wednesday, August 26, 2015 / Rules and Regulations 51739 a. Remove the entries Fruits, stone, group 12 ; Nut, tree, group 14 ; and Pistachio from the table in paragraph
More informationWhat is Management Responsible For?
What is Management Responsible For? Matthew J. Putvinski, CPA, CISA, CISSP MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2011 Wolf & Company, P.C. About Wolf & Company, P.C Regional
More informationSECTION-BY-SECTION. Section 1. Short Title. The short title of the bill is the Cybersecurity Act of 2012.
SECTION-BY-SECTION Section 1. Short Title. The short title of the bill is the Cybersecurity Act of 2012. Section 2. Definitions. Section 2 defines terms including commercial information technology product,
More informationI N T E L L I G E N C E A S S E S S M E N T
I N T E L L I G E N C E A S S E S S M E N T (U//FOUO) Malicious Cyber Actors Target US Universities and Colleges 16 January 2015 Office of Intelligence and Analysis IA-0090-15 (U) Warning: This document
More informationUNM Information Assurance Scholarship for Service (SFS) Program
UNM Information Assurance Scholarship for Service (SFS) Program What is Information Assurance? Committee on National Security Systems (CNSS) defines information assurance (IA): Measures that protect and
More informationCyber Incident Annex. Cooperating Agencies: Coordinating Agencies:
Cyber Incident Annex Coordinating Agencies: Department of Defense Department of Homeland Security/Information Analysis and Infrastructure Protection/National Cyber Security Division Department of Justice
More informationRecent Data Security Developments for Government Contractors
Recent Data Security Developments for Government Contractors November 4, 2015 Attorney Advertising Speakers Jonathan Cedarbaum Partner WilmerHale Barry Hurewitz Partner WilmerHale Ben Powell Partner WilmerHale
More informationCyber Incident Annex. Federal Coordinating Agencies. Coordinating Agencies. ITS-Information Technology Systems
Cyber Incident Annex Coordinating Agencies ITS-Information Technology Systems Support Agencies Mississippi Department of Homeland Security Mississippi Emergency Management Agency Mississippi Department
More informationCyberSecurity Solutions. Delivering
CyberSecurity Solutions Delivering Confidence Staying One Step Ahead Cyber attacks pose a real and growing threat to nations, corporations and individuals globally. As a trusted leader in cyber solutions
More informationStatement of Gil Vega. Associate Chief Information Officer for Cybersecurity and Chief Information Security Officer. U.S. Department of Energy
Statement of Gil Vega Associate Chief Information Officer for Cybersecurity and Chief Information Security Officer U.S. Department of Energy Before the Subcommittee on Oversight and Investigations Committee
More informationHow Cybersecurity Initiatives May Impact Operators. Ross A. Buntrock, Partner ross.buntrock@agg.com 202.669.0495
How Cybersecurity Initiatives May Impact Operators Ross A. Buntrock, Partner ross.buntrock@agg.com 202.669.0495 Agenda! Rise in Data Breaches! Effects of Increase in Cybersecurity Threats! Cybersecurity
More informationRETHINKING ORC: NRF S CYBER SECURITY EFFORTS. OMG Cross Domain Threat & Risk Information Exchange Day, March 23, 2015
RETHINKING ORC: NRF S CYBER SECURITY EFFORTS OMG Cross Domain Threat & Risk Information Exchange Day, March 23, 2015 No Organization is Secure Source: http://www.informationisbeautiful.net An Average
More informationCybersecurity Kill Chain. William F. Crowe, CISA, CISM, CRISC, CRMA September 2015 ISACA Jacksonville Chapter Meeting August 13, 2015
Cybersecurity Kill Chain William F. Crowe, CISA, CISM, CRISC, CRMA September 2015 ISACA Jacksonville Chapter Meeting August 13, 2015 Who Am I? Over 20 years experience with 17 years in the financial industry
More informationDepartment of Defense INSTRUCTION
Department of Defense INSTRUCTION NUMBER 5200.39 May 28, 2015 USD(I)/USD(AT&L) SUBJECT: Critical Program Information (CPI) Identification and Protection Within Research, Development, Test, and Evaluation
More informationStanding together for financial industry cyber resilience Quantum Dawn 3 after-action report. November 23, 2015
Standing together for financial industry cyber resilience Quantum Dawn 3 after-action report November 23, 2015 Table of contents Background Exercise objectives Quantum Dawn 3 (QD3) cyberattack scenario
More informationSTATEMENT OF RANDY S. MISKANIC VICE PRESIDENT, SECURE DIGITAL SOLUTIONS U.S. POSTAL SERVICE BEFORE THE SUBCOMMITTEE ON FEDERAL WORKFORCE, U.
STATEMENT OF RANDY S. MISKANIC VICE PRESIDENT, SECURE DIGITAL SOLUTIONS U.S. POSTAL SERVICE BEFORE THE SUBCOMMITTEE ON FEDERAL WORKFORCE, U.S. POSTAL SERVICE AND THE CENSUS UNITED STATES HOUSE OF REPRESENTATIVES
More informationDepartment of Homeland Security
DHS' Efforts to Coordinate the Activities of Federal Cyber Operations Centers OIG-14-02 October 2013 Washington, DC 20528 / www.oig.dhs.gov October 24, 2013 MEMORANDUM FOR: The Honorable Suzanne Spaulding
More informationInto the cybersecurity breach
Into the cybersecurity breach Tim Sanouvong State Sector Cyber Risk Services Deloitte & Touche LLP April 3, 2015 Agenda Setting the stage Cyber risks in state governments Cyber attack vectors Preparing
More informationOffice of Inspector General
DEPARTMENT OF HOMELAND SECURITY Office of Inspector General Security Weaknesses Increase Risks to Critical United States Secret Service Database (Redacted) Notice: The Department of Homeland Security,
More informationCyber-Security Risk- IP Theft and Data Breaches Protecting your Crown Jewels Internally and with Your Key Third Parties
Cyber-Security Risk- IP Theft and Data Breaches Protecting your Crown Jewels Internally and with Your Key Third Parties Pamela Passman President and CEO Center for Responsible Enterprise And Trade (CREATe.org)
More informationCyber Watch. Written by Peter Buxbaum
Cyber Watch Written by Peter Buxbaum Security is a challenge for every agency, said Stanley Tyliszczak, vice president for technology integration at General Dynamics Information Technology. There needs
More informationCybersecurity and Information Sharing: Comparison of H.R. 1560 and H.R. 1731
Cybersecurity and Information Sharing: Comparison of H.R. 1560 and H.R. 1731 Eric A. Fischer Senior Specialist in Science and Technology April 20, 2015 Congressional Research Service 7-5700 www.crs.gov
More information2010 Data Breach Investigations Report
2010 Data Breach Investigations Report Matthijs van de Wel Managing Principal Forensics EMEA 2010 Verizon. All Rights Reserved. PTE14626 07/10 PROPRIETARY STATEMENT This document and any attached materials
More informationLessons from Defending Cyberspace
Lessons from Defending Cyberspace The Challenge of Addressing National Cyber Risk Andy Purdy Workshop on Cyber Security Center for American Studies, Christopher Newport College 10 28-2009 Cyber Threat
More informationREQUEST FOR INFORMATION
Department of Management Services REQUEST FOR INFORMATION Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services 3 September 2015 6506 Loisdale Rd, Ste 325
More informationNo. 33 February 19, 2013. The President
Vol. 78 Tuesday, No. 33 February 19, 2013 Part III The President Executive Order 13636 Improving Critical Infrastructure Cybersecurity VerDate Mar2010 17:57 Feb 15, 2013 Jkt 229001 PO 00000 Frm 00001
More informationHEALTH INSURANCE MARKETPLACES GENERALLY PROTECTED PERSONALLY IDENTIFIABLE INFORMATION BUT COULD IMPROVE CERTAIN INFORMATION SECURITY CONTROLS
Department of Health and Human Services OFFICE OF INSPECTOR GENERAL HEALTH INSURANCE MARKETPLACES GENERALLY PROTECTED PERSONALLY IDENTIFIABLE INFORMATION BUT COULD IMPROVE CERTAIN INFORMATION SECURITY
More information239.76 239.76 2016 O0001(OCT
Network Penetration Reporting and Contracting for Cloud Services (DFARS Case 2013 D018) Frequently Asked Questions (FAQs) regarding the implementation of DFARS Subpart 204.73, and PGI Subpart 204.73 DFARS
More informationDefending Against Data Beaches: Internal Controls for Cybersecurity
Defending Against Data Beaches: Internal Controls for Cybersecurity Presented by: Michael Walter, Managing Director and Chris Manning, Associate Director Protiviti Atlanta Office Agenda Defining Cybersecurity
More informationState Governments at Risk: The Data Breach Reality
State Governments at Risk: The Data Breach Reality NCSL Legislative Summit August 5, 2015 Doug Robinson, Executive Director National Association of State Chief Information Officers (NASCIO) About NASCIO
More informationAIRSPACE WAIVERS AND FLIGHT AUTHORIZATIONS FOR CERTAIN AVIATION OPERATIONS (INCLUDING DCA) (Amended)
for the AIRSPACE WAIVERS AND FLIGHT AUTHORIZATIONS FOR CERTAIN AVIATION OPERATIONS (INCLUDING DCA) (Amended) Contact Point Lisa S. Dean Privacy Officer Transportation Security Administration (571) 227-3947
More informationDHS. CMSI Webinar Series
DHS CMSI Webinar Series Renee Forney Executive Director As the Executive Director for the Cyberskills Management Support Initiative (CMSI), Ms. Forney supports the Undersecretary for Management (USM) for
More informationJOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015
JOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015 The following consists of the joint explanatory statement to accompany the Cybersecurity Act of 2015. This joint explanatory statement
More informationEVALUATION REPORT. The Department of Energy's Unclassified Cybersecurity Program 2014
U.S. Department of Energy Office of Inspector General Office of Audits and Inspections EVALUATION REPORT The Department of Energy's Unclassified Cybersecurity Program 2014 DOE/IG-0925 October 2014 Department
More informationDoD Strategy for Defending Networks, Systems, and Data
DoD Strategy for Defending Networks, Systems, and Data November 13, 2013 Department DoDD of Defense Chief Information Officer DoD Strategy for Defending Networks, Systems, and Data Introduction In July
More informationDepartment of Homeland Security
Department of Homeland Security Cybersecurity Awareness for Colleges and Universities EDUCAUSE Live! July 24, 2014 Overview Dramatic increase in cyber intrusions, data breaches, and attacks at institutions
More informationNSA/IAD NSCAP CIRA Accreditation Instruction Manual
Table of Contents 1 Introduction...5 1.1 Fees and Charges... 5 1.2 Application Submittals... 6 2 How to Apply Qualifications...7 3 CIRA Services The Accreditation Process...7 3.1 Overview... 7 3.2 Application
More informationBlacKnight. Cyber Security international A BUSINESS / MARKETING PRESENTATION
BlacKnight Cyber Security international A BUSINESS / MARKETING PRESENTATION The BlacKnight Mission To provide proven techniques and innovative learning services to help organizations detect, deter and
More informationU.S. Department of Energy Office of Inspector General Office of Audits and Inspections
U.S. Department of Energy Office of Inspector General Office of Audits and Inspections Audit Report The Department's Configuration Management of Non-Financial Systems OAS-M-12-02 February 2012 Department
More informationCollaboration for the Detection, Prevention, Mitigation and Response to Cyber Attacks
Collaboration for the Detection, Prevention, Mitigation and Response to Cyber Attacks Presented by Steve Lines Chairman DIB SCC Cyber Committee CIO CyberIQ 1 Presentation Summary The Information Sharing
More information[STAFF WORKING DRAFT]
S:\LEGCNSL\LEXA\DOR\OI\PARTIAL\CyberWD..xml [STAFF WORKING DRAFT] JULY, 0 SECTION. TABLE OF CONTENTS. The table of contents of this Act is as follows: Sec.. Table of contents. Sec.. Definitions. TITLE
More informationComparison of Information Sharing, Monitoring and Countermeasures Provisions in the Cybersecurity Bills
April 4, 2012 Comparison of Information Sharing, Monitoring and Countermeasures Provisions in the Cybersecurity Bills The chart below compares on civil liberties grounds four bills that seek to promote
More informationNew Devices Mean New Risks: The Potential for Liability When Software is a Component of Medical Devices. September 25, 2013
New Devices Mean New Risks: The Potential for Liability When Software is a Component of Medical Devices September 25, 2013 The Hartford Insuring Innovation Joe Coray Dan Silverman Providing insurance solutions
More informationPreventing And Dealing With Cyber Attacks And Data Breaches. Arnold & Porter LLP Lockheed Martin WMACCA February 12, 2014
Preventing And Dealing With Cyber Attacks And Data Breaches Arnold & Porter LLP Lockheed Martin WMACCA February 12, 2014 Charles A. Blanchard Arnold & Porter LLP Formerly General Counsel, U.S. Air Force
More informationNational Security & Homeland Security Councils Review of National Cyber Security Policy. Submission of the Business Software Alliance March 19, 2009
National Security & Homeland Security Councils Review of National Cyber Security Policy Submission of the Business Software Alliance March 19, 2009 Question # 1: What is the federal government s role in
More informationCybersecurity Information Sharing Legislation Protecting Cyber Networks Act (PCNA) National Cybersecurity Protection Advancement (NCPA) Act
In a flurry of activity, the U.S. House of Representatives last week passed two cybersecurity information sharing bills. Both the House Intelligence Committee and the House Homeland Security Committee
More informationCybersecurity Enhancement Account. FY 2017 President s Budget
Cybersecurity Enhancement Account FY 2017 President s Budget February 9, 2016 Table of Contents Section 1 Purpose... 3 1A Mission Statement... 3 1.1 Appropriations Detail Table... 3 1B Vision, Priorities
More informationCYBERSECURITY BEST PRACTICES FOR SMALL AND MEDIUM PENNSYLVANIA UTILITIES
CYBERSECURITY BEST PRACTICES FOR SMALL AND MEDIUM PENNSYLVANIA UTILITIES The information provided in this document is presented as a courtesy to be used for informational purposes only. This information
More informationPrivacy and Civil Liberties Interim Guidelines: Cybersecurity Information Sharing Act of 2015
The Department of Homeland Security The Department of Justice Privacy and Civil Liberties : Cybersecurity Information Sharing Act of 2015 February 16, 2016 Table of Contents 1 Purpose... 3 2 Applicability...
More informationImplementation of the Cybersecurity Executive Order
Implementation of the Cybersecurity Executive Order November 13 th, 2013 Ben Beeson, Partner, Lockton Companies Gerald J. Ferguson, Partner, BakerHostetler Mark Weatherford, Principal, The Chertoff Group
More informationIndustry. Cyber Security. Information Sharing at the Technical Level. Guidelines
NATO Communications and Information Agency (NCI Agency) - Industry Cyber Security Information Sharing at the Technical Level Guidelines Effective date: 28 March 2014 Revision No: Rev 1 Change History Revision
More informationNSA/DHS Centers of Academic Excellence for Information Assurance/Cyber Defense
NSA/DHS Centers of Academic Excellence for Information Assurance/Cyber Defense Cyber Investigations Data Management Systems Security Data Security Analysis Digital Forensics Health Care Security Industrial
More informationS. ll. To improve cybersecurity in the United States through enhanced sharing of information about cybersecurity threats, and for other purposes.
BAG Discussion Draft S.L.C. TH CONGRESS ST SESSION S. ll To improve cybersecurity in the United States through enhanced sharing of information about cybersecurity threats, and for other purposes. IN THE
More informationThe Comprehensive National Cybersecurity Initiative
The Comprehensive National Cybersecurity Initiative President Obama has identified cybersecurity as one of the most serious economic and national security challenges we face as a nation, but one that we
More informationCyber Side-Effects: How Secure is the Personal Information Entered into the Flawed Healthcare.gov? Statement for the Record
Cyber Side-Effects: How Secure is the Personal Information Entered into the Flawed Healthcare.gov? Statement for the Record Roberta Stempfley Acting Assistant Secretary for Cybersecurity and Communications
More informationKeynote: FBI Wednesday, February 4 noon 1:10 p.m.
Keynote: FBI Wednesday, February 4 noon 1:10 p.m. Speaker: Leo Taddeo Special Agent in Change, Cyber/Special Operations Division Federal Bureau of Investigation Biography: Leo Taddeo Leo Taddeo is the
More informationCYBER SECURITY INFORMATION SHARING & COLLABORATION
Corporate Information Security CYBER SECURITY INFORMATION SHARING & COLLABORATION David N. Saul Senior Vice President & Chief Scientist 28 June 2013 Discussion Flow The Evolving Threat Environment Drivers
More informationStatement of. Mike Sena. President, National Fusion Center Association. Director, Northern California Regional Intelligence Center (NCRIC)
Statement of Mike Sena President, National Fusion Center Association Director, Northern California Regional Intelligence Center (NCRIC) Joint Hearing of the Subcommittee on Emergency Preparedness, Response,
More informationINFRAGARD.ORG. Portland FBI. Unclassified 1
INFRAGARD.ORG Portland FBI 1 INFRAGARD Thousands of Members One Mission Securing Infrastructure The subject matter experts include: 2 INFRAGARD Provides a trusted environment for the exchange of Intelligence
More information