Get the most out of Public Sector Cyber Security Associations & Collaboration

Similar documents
U.S. Department of Housing and Urban Development: Weekly Progress Report on Recovery Act Spending

How To Rate Plan On A Credit Card With A Credit Union

NAAUSA Security Survey

Standardized Pharmacy Technician Education and Training

Federation of State Boards of Physical Therapy Jurisdiction Licensure Reference Guide Topic: Continuing Competence

Federal Communications Commission Public Safety and Homeland Security Bureau

Regional Electricity Forecasting

New York Public School Spending In Perspec7ve

Federation of State Boards of Physical Therapy Jurisdiction Licensure Reference Guide Topic: Continuing Competence

The Lincoln National Life Insurance Company Variable Life Portfolio

Federation of State Boards of Physical Therapy Jurisdiction Licensure Reference Guide Topic: PTA Supervision Requirements

State Corporate Income Tax-Calculation

Broadband Technology Opportunities Program: Sustainable Broadband Adoption and Public Computer Centers

TITLE POLICY ENDORSEMENTS BY STATE

Table 12: Availability Of Workers Compensation Insurance Through Homeowner s Insurance By Jurisdiction

ehealth Price Index Trends and Costs in the Short-Term Health Insurance Market, 2013 and 2014

NHIS State Health insurance data

Table 11: Residual Workers Compensation Insurance Market By Jurisdiction

Federation of State Boards of Physical Therapy Jurisdiction Licensure Reference Guide Topic: License Renewal Who approves courses?

Dashboard. Campaign for Action. Welcome to the Future of Nursing:

Emerging Trends in Information. Impacting the States

Funding Your Technology and Archive Conversion Needs

Enrollment Snapshot of Radiography, Radiation Therapy and Nuclear Medicine Technology Programs 2013

How To Use The Homeland Security Network (Hsin)

Moving TIM from Good to Great?

LexisNexis Law Firm Billable Hours Survey Report

Florida Workers Comp Market

AN INSIDE LOOK AT SOCIAL RECRUITING IN THE USA

Health Workforce Data Collection: Findings from a Survey of States

The Digital Identity Ecosystem of the States: Securing the Enterprise

State Annual Report Due Dates for Business Entities page 1 of 10

STC Insured Deposit Program (STID) Updated 06/16/2016

Auto Insurance Underwriting/Rating

An Introduction to... Equity Settlement

Funding for Accreditation of Medicolegal Death Investigation Offices and Certification of Medicolegal Death Investigation Personnel

The Vermont Legislative Research Shop

The State of the States: FirstNet and Public Safety Broadband

Public Safety Communications: FirstNet and NextGen 911 Services

Enrollment Snapshot of Radiography, Radiation Therapy and Nuclear Medicine Technology Programs 2014

Computer Forensics Examiners as Private Investigators: The Role of Academia in the Debate. CDFSL 2008 Oklahoma City, OK April 23, 2008

What does Georgia gain. by investing in its

Preapproval Inspections for Manufacturing. Christy Foreman Deputy Director Division of Enforcement B Office of Compliance/CDRH

In Utilization and Trend In Quality

State of the Residential Property Management Market Survey Report, Fall 2012

Standardization of Technician Education Want it? Need it? Janet Teeters, M.S., R.Ph. Director of Accreditation Services ASHP

A R R A P R E S E N T A T I O N

OFFICE OF INSPECTOR GENERAL SPECIAL FRAUD ALERT FRAUD AND ABUSE IN NURSING HOME ARRANGEMENTS WITH HOSPICES

CINCINNATI HILLS CHRISTIAN ACADEMY COLLEGE QUESTIONNAIRE FOR STUDENTS

PEOPLE, PRICE, PRODUCT, PROMOTION and PRIDE

The Future of Nursing Report

Recipient Demographics

Native American Direct Loan Program

FIELD SERVICE BULLETIN

I N T E R N A T I O N A L E X E C U T I V E S E R V I C E S T A X

Department of Business and Information Technology

AmGUARD Insurance Company EastGUARD Insurance Company NorGUARD Insurance Company WestGUARD Insurance Company GUARD

LIMITED LIABILITY COMPANY ORGANIZATION CHART

When The Cloud Goes Bust: Data Breaches In The Cloud

Rates and Bills An Analysis of Average Electricity Rates & Bills in Georgia and the United States

National Student Clearinghouse. CACG Meeting

State Special Education Forms September 2002 Eileen M. Ahearn, Ph.D.

Hiring and Compensation

PEER Analysis of OSHA Recordkeeping Inspections Done Pursuant to its National Emphasis Program (NEP)(10/09-8/10) SUMMARY OF DATA

Understanding Payroll Recordkeeping Requirements

Enrollment Snapshot of Radiography, Radiation Therapy and Nuclear Medicine Technology Programs 2012

Payroll Tax Chart Results

Session #56. Two-Factor Authentication. Steven Burke & James McMahon U.S. Department of Education

EFFECTS OF LEGALIZING MARIJUANA 1

States Served. CDFI Fund 601 Thirteenth Street, NW, Suite 200, South, Washington, DC (202)

Admitting Foreign Trained Lawyers. National Conference of Bar Examiners Chicago, May 2, 2015

The 80/20 Rule: How Insurers Spend Your Health Insurance Premiums

ABOUT LPL FINANCIAL. serving. financial advisors. and their clients

Life Settlements Source List

Fixed Indexed Annuity Rates

10 Reasons Why Vertex SMB is A Better Way to Handle Your Sales and Use Tax Automation 11:00 11:30. Scott Coleman. Channel Sales Manager

E-Commerce Customer Acquisition Snapshot

Surety Bond Requirements for Mortgage Brokers and Mortgage Bankers As of July 15, 2011

Community Eligibility Option: Guidance and Procedures for Selection of States for School Year

State Survey Results MULTI-LEVEL LICENSURE TITLE PROTECTION

U.S. Department of Education NCES NAEP. Tools on the Web

DEGREE QUALIFICATIONS PROFILE: A PRIMER FOR IR AND ASSESSMENT PROFESSIONALS

Download at

State Small Business Credit Initiative. SSBCI Overview

Pharmacist Administered Vaccines Types of Vaccines Authorized to Administer

Ending Veteran and Veteran Family Homelessness: The Homeless Veteran Supported Employment Program (HVSEP)

Building a Market for Small Wind: The Break-Even Turnkey Cost of Residential Wind Systems in the United States

2016 Individual Exchange Premiums updated November 4, 2015

The Multi-State Information Sharing and Analysis Center 31 Tech Valley Drive East Greenbush, NY

STATE HOMELESSNESS. The. An examination of homelessness, economic, housing, and demographic trends at the national and state levels.

The Economic Impact of Commercial Airports in 2010

Rates are valid through March 31, 2014.

Final Expense Life Insurance

Alaska (AK) Arizona (AZ) Arkansas (AR) California-RN (CA-RN) Colorado (CO)

1. Full Name of Assured: 2. Address (MUST be a Physical Address): (City) (State) (Zip) Phone Number: ( ) Fax Number: ( ) Address:

NCHRP 20-68A. Domestic Scan Advances in Developing a Cross- Trained Workforce. Significant Findings and Recommendations July 22, 2015

STATE INCOME TAX WITHHOLDING INFORMATION DOCUMENT

2013 Best Best & Krieger LLP. Telecommunications Law

Integrating Cybersecurity with Emergency Operations Plans (EOPs) for Institutions of Higher Education (IHEs)

Transcription:

Get the most out of Public Sector Cyber Security Associations & Collaboration Gary Coverdale Chief Information Security Officer County of Napa, CA Stacey A. Wright Intel Manager MS-ISAC

Get the most out of Public Sector Cyber Security Associations Public Support: MS-ISAC/CIS C-Cube (C3) InfraGard Regional Fusion Centers & Collaboration Critical Infrastructure Council for SLTTs DHS Schools/Education Sector NIST (Cybersecurity Framework) http://www.nist.gov/cyberframework/index.cfm

Get the most out of Public Sector Cyber Security Associations Private Sector Support & Collaboration Verizon Cyber Threat Report http://www.verizonenterprise.com/dbir/2015/ SANS http://alliance.cisecurity.org/opportunity/sanstraining.cfm WEBSENSE Cyber Report http://www.websense.com/content/websense-2015- threat-report.aspx

C 3 Voluntary Program Critical Infrastructure Cyber Community Hands-On Support for State, Local, Tribal, and Territorial (SLTT) Governments The Department of Homeland Security (DHS) and its partners provide multiple hands-on resources to help State, local, tribal, and territorial (SLTT) governments address their cybersecurity needs. o Cyber Resilience Review (CRR) o Cybersecurity Advisors (CSAs) and Protective Security Advisors (PSAs) o SLTT Cybersecurity Engagement Program o C3 Voluntary Program Partners

National Cybersecurity & Communications Integration Center (NCCIC)

Center for Internet Security CISOs and CIOs; security professionals from SLTT governments Fusion Centers Critical Infrastructure Sectors Law Enforcement Nonprofit Organizations Academia Who We Serve Large Global Enterprises; Small and Medium-sized businesses How We Do Business We cultivate a collaborative and trusted environment for information sharing. We focus on readiness and response. We facilitate partnerships between and among the public and private sectors. We ensure that timely, actionable information is collected, analyzed, and shared with partners.

Multi-State Information Sharing and Analysis Center (MS-ISAC) at the Center for Internet Security We Can Achieve Much More Collectively Than We Can Individually MS-ISAC is the key resource for cyber threat prevention, protection, response, and recovery for the nation s state, local, territorial and tribal (SLTT) governments, including all law enforcement agencies, fusion centers, and Homeland Security Advisors.

Members include: All 50 US states MS-ISAC All 78 DHS-recognized fusion centers More than 724 local governments 4 Territories 9 Tribal governments 7 x 24 x 365 Monitoring analysis of ~250 billion logs/month State, Local, Tribal, and Territorial cities, towns, airports, schools, police departments, ports, transit associations, & more

Nationwide Cyber Security Review What is the NCSR? The NCSR, or Nationwide Cyber Security Review, is a voluntary self-assessment survey designed to evaluate cyber security management within state, local, tribal and territorial governments. The Senate Appropriations Committee has requested an ongoing effort to chart nationwide progress in cybersecurity and identify emerging areas of concern. In response, the U.S. Department of Homeland Security (DHS) has partnered with the Center for Internet Security's Multi-State Information Sharing and Analysis Center (MS-ISAC), the National Association of State Chief Information Officers (NASCIO), and the National Association of Counties (NACo) to develop and conduct the second NCSR. Who can participate? All States (and all agencies within), Local government jurisdictions (and all departments within), Tribal and Territorial governments. When does the Survey take place? The survey will start October 1, to coincide with National Cyber Security Awareness Month, and must be completed by November 30, 2014 but will be offered again next year!

Malicious Code Analysis Platform Web based service Members to submit and analyze suspicious files in a controlled and non public fashion including: Executables DLLs Documents Quarantine files Archives (MCAP) Contact MCAP@cisecurity.org This platform is available to all members free of charge. Access can be obtained by sending an email to mcap@cisecurity.org

24x7 Security Operations Center Central location to report any cyber security incident 24x7 support for: Network Monitoring Services Research and Analysis 24x7 analysis and monitoring of: Threats Vulnerabilities Attacks 24x7 reporting: Cyber Alerts & Advisories Web Defacements Account Compromises Hacktivist Notifications Partner Reporting Spamhaus Notifications

Cyber Threat Information & Intelligence 24x7 Assistance Answers to technical questions Incident response and assistance (even just explaining what happened/what it means) Recommendations for mitigation, response, and remediation Trainings Statistics and Intelligence Joint Papers Pointers toward other resources Introductions to other people

Computer Emergency Response Team (CERT) Incident Response (includes on-site assistance) Malware Analysis Computer & Network Forensics Network & Web Application Vulnerability Assessments Log Analysis Netflow Monitoring/Albert Rapid Sensor Deployment Penetration Testing

Vulnerability Management Program any SLTT government, agency, or department may participate What You Get: Victim Notifications when that domain/ip is observed in a malicious context (e.g. data dumps, sending spam, etc.) Website Vulnerability Review that checks to ensure you have the most up to date software on your website What We Need: Domains IP ranges Contact info (name, email, phone number) Contact SOC@cisecurity.org

Products CIS Cyber Security Advisory: extremely short, extremely timely, emails containing technical information regarding system patching and similar system maintenance activity Purchasing Alliance Discounted purchasing buys Incident Notifications via phone or email, as appropriate domain & IP based National Webcasts 6 bi-monthly webcasts on national topics of interest End User Newsletters Monthly newsletter to rebrand and distribute CIS Cyber Alerts: extremely short, extremely timely, emails containing information on a specific cyber incident or threat Intel Papers: Intelligence-driven papers on TTPs, trends, patterns, and actors affecting SLTT governments October Toolkit: Items to promote cyber security awareness in your organization Threat Information: Information on malicious domains, IPs, and current threat events Training Webcasts: Monthly training & guest speakers for CPE credit

Soltra Edge Machine-to-Machine indicator transfer FS-ISAC Missouri State MS-ISAC Attacking IPs Contact Scott.Parish@cisecurity.org

Who do I call? Security Operations Center (SOC) SOC@cisecurity.org - 1-866-787-4722 31 Tech Valley Dr., East Greenbush, NY 12061-4134 www.cisecurity.org to join or get more information: https://msisac.cisecurity.org/members/index.cfm

Information Sharing & Analysis Centers (ISACs) Information Sharing & Analysis Organizations (ISAOs) ISACs created via PDD 61, May 22, 1998 to allow the private sector to come together, share information, perform analysis, and respond to incidents ISAOs created EO 13691, February 13, 2015 to gather, analyze, and disseminate critical infrastructure information Information Sharing and Analysis Centers Multi-State Electric Sector Public Transit Aviation ICS Communications Nuclear Sector Supply Chain Water Sector Maritime Oil and Gas Research and Education Emergency Management and Response Health Defense Industrial Base Downstream Natural Gas Real Estate Sector Surface Transportation Information Technology Automotive Financial Services

InfraGard Partnership between the FBI and the Private Sector Free membership Vetted members gain access to: TLP: GREEN and U//FOUO documents Briefings and meetings California Chapters: Los Angeles Sacramento San Diego San Francisco Bay Area

Mission: Electronic Crimes Task Force To increase the resources, skills and vision by which State, local, and federal law enforcement agencies team with prosecutors, private industry and academia to fully maximize what each has to offer in an effort to combat criminal activity California Chapters: Los Angeles San Francisco

Cyber Task Force Mission: In support of the national effort to counter threats posed by terrorist, nation-state, and criminal cyber actors, each CTF synchronizes domestic cyber threat investigations in the local community through information sharing, incident response, and joint enforcement and intelligence actions Provides: Enhanced understanding of threat Surge capability for cyber incidents Participation with national teams SME for instruction, presentations, research

Fusion Centers HI AK AL AZ AR CA CO CT DE FL GA ID IL IN IA KY LA ME MD MA MI MN MS MO MT NB NV NH NJ NM NY NC ND OH OK OR PA RI SC SD TN TX UT VT VA WA WV WI WY KS WV ID GU MP AS VI PR

California Fusion Centers Northern California Regional Intelligence Center (NCRIC) San Francisco Statewide Threat Assessment Center (STAC) Sacramento Central California Intelligence Center (CICC)/Sacramento Regional Threat Assessment Center (SACRTAC) Sacramento Joint Regional Intelligence Center (JRIC) Los Angeles Orange County Intelligence Assessment Center (OCIAC) Santa Ana San Diego Law Enforcement Coordination Center (SD-LECC) San Diego

CA Counties Info Sec Forum For CISOs/CSOs/Techies Meets every six months for a face to face Committees to: Build best practice white papers Develop Policy Boilerplates Discuss problems and solutions Build response teams Supported by vendors

Building a Collaboration Group Set a mission and goal: What do you want to achieve? Drives who to invite: - Public or private sector, or both? - Executives or techies, or both? - IT, forensics, law enforcement, intelligence, etc. Will inviting a particular group restrict information sharing? How are future members invited? Vetted? Get help from a professional event coordinator Tier Approach: Permanent Members Resource Members

Building a Collaboration Group Meetings: How often and via what channels? Can you sustain this level? Is there value? Distribution Lists: What level of information can be transmitted? How are people added? Do you need multiple distribution lists? Who Pays? Vendors are willing to support costs if they see market opportunities!

Get the most out of Public Sector Cyber Security Associations LINKS: http://msisac.cisecurity.org/ & Collaboration https://www.us-cert.gov/ccubedvp https://www.sfbay-infragard.org/ http://www.dhs.gov/national-network-fusion-centers-fact-sheet http://www.dhs.gov/critical-infrastructure-partnership-advisorycouncil http://www.dhs.gov/ http://alliance.cisecurity.org/opportunity/training.cfm http://www.nist.gov/cyberframework/index.cfm

Gary Coverdale Chief Information Security Officer County of Napa, CA Gary.Coverdale@countyofnapa.org Stacey A. Wright Intel Manager MS-ISAC Stacey.Wright@cisecurity.org

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information