U.S. Cyber Security Readiness
Anthony V. Teelucksingh, Senior Counsel, United States Department of Justice
John Chris Dowd, Special Agent, Federal Bureau of Investigation
Overview
- U.S. National Plan
- National Cyber Risk Management
- Risk Mitigation/Security Compliance
- Way Forward/Areas of Cooperation
Cyber - Physical Relationship
[Diagram labels]
Critical Infrastructure / Key Resources
- Sectors: Agriculture and Food; Energy; Transportation; Chemical Industry; Postal and Shipping; Water; Public Health; Telecommunications; Banking and Finance; Key Assets
- Physical assets: Farms; Food Processing Plants; Power Plants; Production Sites; Railroad Tracks; Highway Bridges; Pipelines; Ports; Chemical Plants; Delivery Sites; Reservoirs; Treatment Plants; Hospitals; Cable; Fiber; FDIC institutions; Nuclear Power Plants; Government facilities; Dams
Cyber Infrastructure
- Internet: Domain Name System; Web Hosting; IP Protocol; E-Mail
- Hardware: Servers; Desktops; Networking Equipment
- Software: Operating Systems; System Utilities; Program Applications
- Control Systems: SCADA; PCS; DCS
Government's key cyber roles
Cyber Law Enforcement and Intelligence State Cyber Security Coordination FBI/DOJ Homeland Security/Secret Service Cyber Preparedness, Cyber Infrastructure Response, Recovery, Protection Homeland Security Consumer Protection Cyber Fraud Prevention FTC Information Security Standards and Guidelines NIST
Framework for National Action
- a national strategy
- sound legal and regulatory foundation to address and respond to cyber security and cyber crime (DoJ/FBI/USSS);
- a national security response system with effective organizations to prevent, predict, detect, respond to and recover from cyber incidents (DHS/NCSD)
- coordinated partnership between government at all levels and the private sector
- leadership role by governments in promoting a culture of cyber security among those who own, provide, manage, service and use information systems and networks.
Public and private partnerships are essential to cyber security
- Majority of U.S. assets in private sector
- Exception for U.S. military and government assets
- Often relies on private sector infrastructure
- Represent the foundation of our critical infrastructure protection and cyber security initiatives
- Work together to mitigate the risk associated with cyber consequences, vulnerabilities and threats
- Build global situational awareness through outreach, collaboration, and engagement
Managing Cyber Risk The National Infrastructure Protection Plan (NIPP): Cyber Risk Mitigation Programs
NIPP: Cyber
- Implements the NIPP Risk Management Framework toward securing the cyber infrastructure across all the 17 critical infrastructure/key resource sectors
- Assess and prioritize risk mitigation efforts based on threat, vulnerabilities, and consequences
- Requires coordination among agencies and between government and private sector
- Cyber Components: IT Sector risk management/Sector Specific Plan
- Cyber guidance across all sectors
Risk Mitigation Programs
- Internet Disruption Working Group: Promote resiliency of the Internet
- Control Systems Security Program: Reduce control system cyber vulnerabilities in critical infrastructure
- Software Assurance Program: Mitigate risk through the creation of more secure software
National Cyberspace Security Response System
- Federal Agencies (GFIRST, DOD, CISOs)
- Law Enforcement/Intelligence
- International
- State and Local agencies
- Private Sector
- Homeland Security Operations Center (HSOC)
Risk Mitigation/Compliance
Outreach and Awareness
- Promote cyber security awareness among the general public and within key communities including international and private sector
- Establish and maintain relationships with:
- Government cyber security professionals
- Industry
- www.onguardonline.gov
- Awareness Organizations
- www.staysafeonline.org
- National Cyber Security Awareness Month - October
National Cyberspace Security Response System
- Correlate incident data from multiple sources
- US-CERT Malicious Code Analysis Team
- Cyber risk analysis
- Cyber Threat: Participate in the National Intelligence Estimate for cyber and cyber intelligence requirements
- Coordination with law enforcement and intelligence
National Cyberspace Security Response System
Response
- US-CERT Operations: 24x7x365 watch and warning center
- US-CERT Portal
- National Cyber Response Coordination Group (NCRCG)
- Federal government's principal interagency mechanism to facilitate coordination of efforts to respond to and recover from cyber incidents of national significance
- Established by Cyber Annex to National Response Plan
Law Enforcement Strategy
1. Investigate and prosecute cybercriminals.
2. Improve domestic operational response and cooperation.
3. Improve international cooperation on cybercrime investigation.
4. Improve domestic cybersecurity efforts to reduce vulnerabilities.
Cybercriminals are changing
Law Enforcement International Cooperation
Countries need to:
- Enact sufficient laws to criminalize computer abuses
- Commit adequate personnel and resources
- Improve abilities to collect and share evidence internationally
Council of Europe Convention on Cybercrime ratified by U.S. Senate
G8 24/7 Network
Areas of Cooperation
- Standards and best practices
- Training and education
- Research and development
- Long term planning and improvements
- Law enforcement cooperation
Room document United States Framework for National Action for Cybersecurity and Critical Information Infrastructure Protection