Federal Highway Administration Director, Office of Transportation Management



Similar documents
Department of Homeland Security

CYBERSECURITY BEST PRACTICES FOR SMALL AND MEDIUM PENNSYLVANIA UTILITIES

NIST Cybersecurity Framework. ARC World Industry Forum 2014

7 Homeland. ty Grant Program HOMELAND SECURITY GRANT PROGRAM. Fiscal Year 2008

Integrating Cybersecurity with Emergency Operations Plans (EOPs) for K-12 Education

GEARS Cyber-Security Services

Roadmaps to Securing Industrial Control Systems

Integrating Cybersecurity with Emergency Operations Plans (EOPs) for Institutions of Higher Education (IHEs)

Department of Homeland Security Federal Government Offerings, Products, and Services

Plain English Guide To Common Criteria Requirements In The. Field Device Protection Profile Version 0.75

NICE and Framework Overview

State Agency Cyber Security Survey v October State Agency Cybersecurity Survey v 3.4

TESTIMONY OF DANIEL DUFF VICE PRESIDENT - GOVERNMENT AFFAIRS AMERICAN PUBLIC TRANSPORTATION ASSOCIATION BEFORE THE

US-CERT Year in Review. United States Computer Emergency Readiness Team

National Cybersecurity & Communications Integration Center (NCCIC)

The Importance of Cybersecurity Monitoring for Utilities

Cybersecurity in the Utilities Sector Best Practices and Implementation 2014 Canadian Utilities IT & Telecom Conference September 24, 2014

ICS-CERT Incident Response Summary Report

Information Technology Policy

National Cybersecurity Assessment and Technical Services: Capability Brief. Presented by: Sean McAfee Updated: May 5, 2014

Suzanne B. Schwartz, MD, MBA Director Emergency Preparedness/Operations & Medical Countermeasures (EMCM Program) CDRH/FDA

Facilitated Self-Evaluation v1.0

Added Security for your Traffic Signal Network

Transportation Industrial Control Systems (ICS) Cybersecurity Standards Strategy

High Level Cyber Security Assessment 2/1/2012. Assessor: J. Doe

I N T E L L I G E N C E A S S E S S M E N T

NYS LOCAL GOVERNMENT VULNERABILITY SCANNING PROJECT September 22, 2011

NHTSA S AUTOMOTIVE CYBERSECURITY RESEARCH. Arthur Carter, Frank Barickman, NHTSA

Cyber - Security and Investigations. Ingrid Beierly August 18, 2008

DHS Cyber Security & Resilience Resources: Cyber Preparedness, Risk Mitigation, & Incident Response

Office of Inspector General

CYBER SECURITY GUIDANCE

ICBA Summary of FFIEC Cybersecurity Assessment Tool

The State of Industrial Control Systems Security and National Critical Infrastructure Protection

Policy Title: HIPAA Security Awareness and Training

GAO. INFORMATION SECURITY Persistent Weaknesses Highlight Need for Further Improvement

Homeland Security Perspectives: Cyber Security Partnerships and Measurement Activities

WELCOME TO THE ITS-NY 22 nd ANNUAL MEETING AND TECHNOLOGY EXHIBITION

SCADA and Security Are they Mutually Exclusive? Terry M. Draper, PE, PMP

Utility-Scale Applications of Microgrids: Moving Beyond Pilots Cyber Security

Release of the Draft Cybersecurity Procurement Language for Energy Delivery Systems

TASK TDSP Web Portal Project Cyber Security Standards Best Practices

Managing Cyber Risks to Transportation Systems. Mike Slawski Cyber Security Awareness & Outreach

Cyber Security: Cyber Incident Response Guide. A Non-Technical Guide. Essential for Business Managers Office Managers Operations Managers.

Local Government Cyber Security:

Water Security in New Jersey: Partnership and Services

DON T BE A VICTIM! IS YOUR ORGANIZATION PROTECTED FROM CYBERSECURITY THREATS?

AT&T Cybersecurity Policy Overview

OCIE CYBERSECURITY INITIATIVE

Cyber Security and Privacy - Program 183

Patching & Malicious Software Prevention CIP-007 R3 & R4

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

Resources and Capabilities Guide

Security Policy for External Customers

NIST CYBERSECURITY FRAMEWORK COMPLIANCE WITH OBSERVEIT

Cyber Security Incident Handling Policy. Information Technology Services Center (ITSC) of The Hong Kong University of Science and Technology

ICS-CERT Year in Review. Industrial Control Systems Cyber Emergency Response Team. National Cybersecurity and Communications Integration Center

How To Write A Cybersecurity Framework

Attachment A. Identification of Risks/Cybersecurity Governance

Building Insecurity Lisa Kaiser

FFIEC Cybersecurity Assessment Tool Overview for Chief Executive Officers and Boards of Directors

By: Gerald Gagne. Community Bank Auditors Group Cybersecurity What you need to do now. June 9, 2015

Preventing and Defending Against Cyber Attacks June 2011

Cybersecurity Awareness. Part 1

Logging In: Auditing Cybersecurity in an Unsecure World

National Institute of Standards and Technology Smart Grid Cybersecurity

Critical Infrastructure & Supervisory Control and Data Acquisition (SCADA) CYBER PROTECTION

Seven Strategies to Defend ICSs

Office of Inspector General

Cisco Advanced Services for Network Security

DIVISION OF INFORMATION SECURITY (DIS) Information Security Policy Threat and Vulnerability Management V1.0 April 21, 2014

Network/Cyber Security

Preventing and Defending Against Cyber Attacks November 2010

Iowa Health Information Network (IHIN) Security Incident Response Plan

Compliance Guide ISO Compliance Guide. September Contents. Introduction 1. Detailed Controls Mapping 2.

How To Audit The Mint'S Information Technology

STRATEGIC POLICY. Information Security Policy Documentation. Network Management Policy. 1. Introduction

FFIEC Cybersecurity Assessment Tool

Best Practices in ICS Security for Device Manufacturers. A Wurldtech White Paper

NIST Cybersecurity Initiatives. ARC World Industry Forum 2014

Priority III: A National Cyberspace Security Awareness and Training Program

Enterprise Security Tactical Plan

Transcription:

Federal Highway Administration Director, Office of Transportation Management

Transportation Systems Cyber-Security Framework A process to Monitor Alert Advise Owner/Operators of ITS deployments

From just annoying Unlocked or easily accessed control panels with uncomplicated or unchanged default passwords. To becoming serious DMS on publicly accessible IP address with an unchanged default password

Lesson Learned We need a better way to communicate and spread the word about incidents. IT Cyber Security experts do not have the domain knowledge of transportation system for proper threat assessment We re making old mistakes: Poor configuration practice for wireless network Poor practice to secure field equipment Poor practice to patch vulnerabilities

Proposed Current

Purpose Provide transportation system owners/operators a resource for: Identifying, alerting, and advising on cybersecurity incidents specific to transportation systems and infrastructure Investigating potential system vulnerabilities Education and awareness training/information

Dimensions of Threat Malicious attack Non-malicious operational error Lack of system reliability Untrustworthy practices by the operator

Types of Impacts Misinformation Conflicting messages Defeating operational strategies Malfunctioning equipment Equipment damage Information theft Economic theft Data corruption Denial of service

Governing Assumptions Make every effort to provide confidentiality of findings due to the sensitivity of: Inadvertently assisting cyber attackers through dissemination of unresolved vulnerabilities; Potential of shutting down information gathering within the ITS and owner/operator community due to receiving unfavorable and critical reports from media sources; and Work with existing organizations internal to the transportation industry and externally with the cybersecurity and ICS communities.

Organizational Platform Multi-organizational cyber security workgroup Federal, State, and local / public & private sector Use the National Operations Center for Excellence for: reporting and alert function information and expert advice gateway, and education/awareness portal.

Functions Monitoring - Provide stakeholders a secure method to notify the CS WG of events, incidents, or vulnerabilities without exposing observed or suspected activities to the public. There are two reasons to have this more limited communication verses a list serve or other more public discussion forums; 1) assure confidentiality of the owner/operator who s system was attacked and 2) avoid exposing unresolved vulnerabilities. Regularly monitor other sources such as Homeland Security s ICS-CERT and MS-ISAC for attacks and advisory alerts. Provide these same resources with findings as appropriate while not violating confidentiality & exposure principles. Alert - Develop an alert network of system owners, operating professionals, manufactures, and oversight/stewardship agencies (i.e. FHWA Divisions). This would be for quick reaction to ongoing events and providing initial remedial advice. This might include directions on how to handle and distribute this information (e.g. confidential, general dissemination, etc.). Advisory - Form expert sub-teams to develop/disseminate advice and solutions to attacks/threats, identify and manage needed research, and develop education and awareness products for stakeholder groups. Coordinate with other appropriate non-transportation specific organizations (ICS-CERT, MS-ISAC, DHS, etc.).

Beyond Roadway ITS Equipment and Deployments Personal Identifiable Information Tolling and Parking meters Transit Communication Freight Size & Weight inspection Border Crossing Inspection Connected Vehicles

Documents of interest Executive Order 13636 Improving Critical Infrastructure Cybersecurity 2014 National Strategy for Transportation Security: Report to Congress (not yet released) National Institute of Standards and Technology NATIONAL CYBERSECURITY CENTER OF EXCELLENCE Framework for Improving Critical Infrastructure Cybersecurity

Technical Support Available Now Self Assessment Tools - NIST Reports & Articles ITSA, ITE, etc. Dedicated websites TRB Cyber Security Resource Center Expert Advice FHWA & USDOT VOLPE Center Relevant but non-transportation specific organizations - ICS-CERT, MS-ISAC, DHS

Membership: Primary and secondary contacts/resources Federal Highway Administration (FHWA) FHWA Division Offices Other USDOT Modes and agencies (FTA, FRA, FMCSA, VOLPE Center, etc.) USDOT Cyber Security Action Team (Subgroup of the USDOT s Safety Council) Industrial Control System Computer Emergency Response Team (ICS-CERT) U.S. Department of Homeland Security / Federal Bureau of Investigation AASHTO State DOT s Toll Authorities Multi-State Information Sharing and Analysis Center (MS-ISAC) NACTO City DOT s Department of Public Works ITE Transportation Professionals Standards Development Organization ITSA Equipment manufacturers Academia / Researchers NEMA Equipment manufacturers Standards Development Organization TRB Committee on Critical Transportation Infrastructure Protection

Way Forward Actions Core organizations brief leadership and obtain by-in (AASHTO, ITE, ITSA, NEMA, FHWA) Coordination with USDOT Cyber Security Action Team and other USDOT modes (FHWA) Outreach to potential membership (AASHTO, ITE, ITSA, NEMA, FHWA) Coordinate with NOCoE (AASHTO, FHWA) Draft multi-organizational agreement/governance (AASHTO, ITE, ITSA, NEMA, FHWA) Timeline Core organizations confirm commitment to move forward Jan 2015 Associated membership outreach effort Jan/Feb 2015 Charter/agreement/governance/responsibilities developed & in place Summer 2015 Advisory/Alert system activated Fall 2015 Research roadmap established Winter 2015 Awareness and Education activities defined Winter 2015

Questions

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information