Risk & Vulnerability Assessment Training



Similar documents
2. OVERVIEW OF THE PRIVATE INFRASTRUCTURE

NATIONAL STRATEGY FOR GLOBAL SUPPLY CHAIN SECURITY

CyberSecurity Solutions. Delivering

Insider s Guide to Careers in Intelligence Analysis. hosted by Tom Hunter, MA, M.Litt. (Former DIA Senior Intelligence Analyst)

2016 CORPORATE BRIEF ProSol Overview & Core Capabilities

Final Draft/Pre-Decisional/Do Not Cite. Forging a Common Understanding for Critical Infrastructure. Shared Narrative

Common Threats and Vulnerabilities of Critical Infrastructures

CARVER+Shock Vulnerability Assessment Tool

U.S. Cyber Security Readiness

INFRAGARD.ORG. Portland FBI. Unclassified 1

Cybersecurity on a Global Scale

Cybersecurity Delivering Confidence in the Cyber Domain

Department of Defense DIRECTIVE

RECRUITMENT PROCEDURES FOR CYBER SECURITY POSITIONS UNDER SCHEDULE A AUTHORITY

Cybersecurity Converged Resilience :

CYBER SECURITY GUIDANCE

CYBERBOK Cyber Crime Security Essential Body of Knowledge: A Competency and Functional Framework for Cyber Crime Management

Appendix A: Gap Analysis Spreadsheet. Competency and Skill List. Critical Thinking

The virtual battle. by Mark Smith. Special to INSCOM 4 INSCOM JOURNAL

Reliable, Repeatable, Measurable, Affordable

Visualization, Modeling and Predictive Analysis of Internet Attacks. Thermopylae Sciences + Technology, LLC

Establishing a State Cyber Crimes Unit White Paper

An Accelerated Pathway to Careers in Cybersecurity for Transitioning Veterans. NICE Annual Conference November 2015

CBO. Federal Funding for Homeland Security: An Update. What Is Homeland Security?

Appendix -- Homeland Security Mission Funding by Agency and Budget Account (budget authority in millions of dollars)

April 8, Ms. Diane Honeycutt National Institute of Standards and Technology 100 Bureau Drive, Stop 8930 Gaithersburg, MD 20899

Managing Cyber Risks to Transportation Systems. Mike Slawski Cyber Security Awareness & Outreach

Hearing before the House Permanent Select Committee on Intelligence. Homeland Security and Intelligence: Next Steps in Evolving the Mission

Public Private Partnerships and National Input to International Cyber Security

THE WHITE HOUSE. Office of the Press Secretary. For Immediate Release February 12, February 12, 2013

Developing a Mature Security Operations Center

v. 03/03/2015 Page ii

Qualifications FISK CONSULTANTS

Network Management and Defense Telos offers a full range of managed services for:

This directive establishes the Department of Homeland Security (DHS) Security Education, Training, and Awareness (SETA) Program.

7 Homeland. ty Grant Program HOMELAND SECURITY GRANT PROGRAM. Fiscal Year 2008

Rapid Response, Total Support. Homeland Security Solutions that Keep America Safe

Supplemental Tool: Executing A Critical Infrastructure Risk Management Approach

Panel Session: Lessons Learned in Smart Grid Cybersecurity

BUILDING DESIGN FOR HOMELAND SECURITY. Unit I Building Design for Homeland Security

Water Critical Infrastructure and Key Resources Sector-Specific Plan as input to the National Infrastructure Protection Plan Executive Summary

DEPARMTMENT OF HOMELAND SECURITY AUTHORIZATION BILL FOR FY 2008 AND FY 2009 SECTION-BY-SECTION

Software & Supply Chain Assurance: Mitigating Risks Attributable to Exploitable ICT / Software Products and Processes

El Camino College Homeland Security Spring 2016 Courses

Simulation and Training Solutions

Shon Harris s Newly Updated CISSP Materials

Testimony of. Mr. Anish Bhimani. On behalf of the. Financial Services Information Sharing and Analysis Center (FS-ISAC) before the

Defense Security Service

Enabling Mission Success

Subject: Critical Infrastructure Identification, Prioritization, and Protection

PASTA Abstract. Process for Attack S imulation & Threat Assessment Abstract. VerSprite, LLC Copyright 2013

NH!ISAC"ADVISORY"201.13" NATIONAL"CRITICAL"INFRASTRUCTURE"RESILIENCE"ANALYSIS"REPORT""

COUNTERINTELLIGENCE VULNERABILITY ASSESSMENT FOR CORPORATE AMERICA

December 17, 2003 Homeland Security Presidential Directive/Hspd-7

On the European experience in critical infrastructure protection

ForeScout CounterACT CONTINUOUS DIAGNOSTICS & MITIGATION (CDM)

AT A HEARING ENTITLED THREATS TO THE HOMELAND

GAO CRITICAL INFRASTRUCTURE PROTECTION. Significant Challenges in Developing Analysis, Warning, and Response Capabilities.

Oil & Gas Industry Towards Global Security. A Holistic Security Risk Management Approach.

About the Port Authority

Global Cyber Range (GCR) Empowering the Cybersecurity Professional (CyPro)

Introduction to Cybersecurity Overview. October 2014

MILLENNIUM CORPORATION

Rethinking Cyber Security for Industrial Control Systems (ICS)

Leveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs

FBI AND CYBER SECURITY

The Comprehensive National Cybersecurity Initiative

Image credits: Front cover: U.S. Army photo by Sgt. Brandon Little, Task Force XII PAO, MND-B Inside back cover: U.S Army photo by Staff Sgt.

DoD CIO UNCLASSIFIED. DIB CS Program Value-Added

The Economic Benefit of Cloud Computing

22. HOMELAND SECURITY FUNDING ANALYSIS

The Strategic Importance, Causes and Consequences of Terrorism

A Primer on Cyber Threat Intelligence

BlacKnight. Cyber Security international A BUSINESS / MARKETING PRESENTATION

Keynote: FBI Wednesday, February 4 noon 1:10 p.m.

How To Become A Cybersecurity Consultant

White Paper: Leveraging Web Intelligence to Enhance Cyber Security

DEPARTMENT OF HOMELAND SECURITY

Cybersecurity: Mission integration to protect your assets

Cyber Security. BDS PhantomWorks. Boeing Energy. Copyright 2011 Boeing. All rights reserved.

LNG and Petrochemical Security Risk Assessment and Management

OVERVIEW OF THE ADMINISTRATION S FY 2005 REQUEST FOR HOMELAND SECURITY By Steven M. Kosiak

Corporate Overview A

Arizona Counter Terrorism Information Center

IT-CNP, Inc. Capability Statement

National Initiative for Cyber Security Education

Actions and Recommendations (A/R) Summary

Transcription:

Critical Infrastructure Protection Homeland security assistance should be based strictly on an assessment of risks and vulnerabilities......it [Homeland Security] should supplement state and local resources based on the risks and vulnerabilities that merit additional support. -9/11 Commission Report Risk & Vulnerability Assessment Training Applicable to all National Critical Infrastructures: FOOD WATER ENERGY KEY ASSETS AGRICULTURE GOVERNMENT PUBLIC HEALTH TRANSPORTATION DEFENSE INDUSTRY CHEMICAL INDUSTRY POSTAL AND SHIPPING BANKING AND FINANCE EMERGENCY SERVICES INFORMATION AND TELECOMMUNICATIONS

The nation s Critical Infrastructures face a myriad of physical and technical threats. These threats, whether natural, man-made, accidental or intentional, each carry a certain level of risk that could compromise national security, public safety, and the economy. Critical Infrastructure owners/operators and U.S. Government officials at all levels have a responsibility to take action to mitigate these risks. IIT s Subject Matter Experts have conducted RVAs of : Freight and Passenger Rail Systems Water Utilities Ports HAZMAT Transportation Chemical Plants IT Infrastructures Emergency Operations Centers and Homeland Security Installations U.S. Government and Military Installations IIT is committed to Critical Infrastructure Protection. IIT has established, and operates 24/7, Information Sharing and Analysis Centers (ISACs) for three Critical Infrastructure Sectors and the Operations Center (security and intelligence) for the North American Freight Railroad Industry. The first step in securing Critical Infrastructures is the performance of a full spectrum Risk and Vulnerability Assessment (RVA). An RVA is an assessment of an organization s critical assets and the impact of their degradation, their vulnerability to exploitation, and the nature and likelihood of specific threats. The successful execution of an RVA requires highly skilled, knowledgeable, and trained personnel. IIT, a leader in the Risk Management and Information Security field, has developed a comprehensive and cost effective Risk & Vulnerability Assessment Training Program to meet these needs. CONTACT: 703.478.7600 Gary Williams (gwilliams@ewa.com) or Keith Kennedy (kkennedy@ewa.com)

IIT s Risk & Vulnerability Assessment Training Provides: Long-term Security Solution Immediate Realization of Increased Protection Turn-Key Operation Complete With Procedures, Policies, and Assessment Formats Proven, Documented, and Repeatable Risk and Vulnerability Assessment Process Comprehensive Physical and Technical Risk and Vulnerability Assessment Approach Hands On Training - Students Learn By Doing Trained Risk and Vulnerability Assessment Team Consisting of Your Own Personnel Assessments of Two Critical Infrastructures Authoritative Response to Proposed / Actual Government Regulations and Inspections GSA Approved Rates and Schedule; DHS and Emergency Management Performance Grants Applicable The IIT Training Team consists of experienced Subject Matter Experts. IIT s RVA process relies upon the U.S. Government, Intelligence Community, Military, and International Security Best Practices. These practices encompass both physical and technical Risk Management and Vulnerability Assessment methodologies and techniques.

RVA Training Curriculum The Risk and Vulnerability Assessment Program Consists of Two Phases. Phase I Self-Paced Instruction CD based interactive training that introduces the methodologies, techniques, and tools to conduct an RVA. Phase II Resident Instruction Three-day classroom instruction focusing on the analytical tools through a series of practical exercises and case studies. Seven-day practical application of skills by conducting an RVA of an actual Critical Infrastructure. Phase I: Self-Paced Instruction A 40-hour Interactive CD provides the foundation of the methodologies, tools, and pertinent guidelines to conducting a Risk and Vulnerability Assessment. Phase I is a mandatory prerequisite to the second phase of resident training. Subjects include: Assessment Methodologies and Planning Vulnerability Assessment Legal Landscape Critical Infrastructure Interdependencies and Contingency Planning Analytical Risk Management Asset Assessment Threat Assessment Vulnerability Assessment Information Systems Architecture and Information Assurance CONTACT: 703.478.7600 Gary Williams (gwilliams@ewa.com) or Keith Kennedy (kkennedy@ewa.com)

Phase II: Resident Instruction A. Classroom Practical Exercises Days one through three present a series of practical exercises that address the fundamental skills and tools necessary to conduct an RVA. Critical Infrastructures and their Interdependencies Contingency Planning Analytical Tools and Techniques Blast Mitigation Primer Introduction to Crime Prevention through Environmental Design (CPTED) Principles Sample Adversary Logic Diagram B. Vulnerability Assessment Exercise During days four through ten, student teams conduct an actual Risk and Vulnerability Assessment of a critical infrastructure. IIT Subject Matter Experts guide the students through all phases of the assessment: Assessment Planning and Coordination Data Collection and Aggregation Analysis Mitigation Strategies Reporting

Gary Williams Program Manager, Critical Infrastructure Protection Gary Williams is a Physical and Operational Security RVA Subject Matter Expert. Over the past decade, he has established an authoritative, comprehensive set of Private Infrastructure, U.S. Government, Military, and International Security Best Practices and methodologies. Mr. Williams has been instrumental in the execution of RVA s for the North American Class 1 Freight Railroads, the Passenger Railroads, Public Transportation, and the Chemical Industry. As a Program Manager for Critical Infrastructures, he has continued to refine RVA methodologies and develop numerous distance learning and resident CIP training programs. Retired from 22 years of service with U.S. Army Special Operations Forces, Mr. Williams has continued to protect the Critical Infrastructure of the United States through his work conducting Risk and Vulnerability Assessments. Currently possesses a U.S. Government Top Secret/SCI clearance. Keith Kennedy - Senior Analyst Mr. Kennedy is an expert in intelligence analysis and critical infrastructure protection. His recent efforts include Counter-Terror Information Analysis for Water Utilities, the Class 1 Freight and Passenger Railroads, and Public Transportation Organizations. Mr. Kennedy is a former U.S. Amry Intelligence Analyst with experience in information analysis, link analysis, and vulnerability assessments. Mr. Kennedy performed vulnerability assessments worldwide for the United States Army. Mr. Kennedy has been instrumental in developing analytical methods and information sharing initiatives that greatly enhance the security of our critical infrastructure. He co-authored the comprehensive Risk and Vulnerability Assessment Curriculum. Currently possesses a U.S. Government Top Secret/SCI clearance. Craig Thompson Senior Technical Security Engineer Mr. Thompson is responsible for technical & cyber vulnerability assessments. His recent efforts include vulnerability assessments for the Defense Department, Federal Agencies, Water Utilities, the Class 1 Freight Railroads, and Passenger Railroads. Mr. Thompson is a former U.S. Army Counterintelligence (CI) Special Agent, whose assignments ranged from leading and conducting specialized media and network forensics investigations to training CI personnel to perform this mission. Mr. Thompson is a current member of the National Guard, leading and conducting advanced security, Computer Defense Assistance Program (CDAP), and vulnerability assessments (VA), as well as training National Guard soldiers to perform the VA mission. Currently possesses a U.S. Government Top Secret/SCI clearance. To coordinate your RVAT course and for more information contact: Gary Williams (703) 478-7600 gwilliams@ewa.com IIT TRAINING TEAM RVA Subject Matter Experts

IIT CORPORATE PROFILE EWA Information and Infrastructure Technologies, Inc. (IIT) provides the private and public sectors with vendor-neutral risk management and information security solutions that are advanced, comprehensive, and complete. A wholly owned subsidiary of Electronic Warfare Associates, IIT, was established in 1997 to provide Information Operations and Information Assurance support to both Government and Commercial customers. Early and continued success has allowed for steady growth and diversification. Today, IIT s core business areas include Critical Infrastructure Protection, Homeland Security, Information Operations, Information Technology, Intelligence, Systems Security Engineering, and Training and Certification. With annual revenues of over $30 million, IIT is a recognized leader in the security field. Dedicated to providing its clients with the highest level of service and support, IIT recruits and retains only top quality personnel. IIT professionals have extensive problem solving and intelligence experience. In addition, over 90% have U.S. Government Top Secret security clearances. Headquartered in Herndon, VA, with employees working in corporate offices around the globe, IIT is well equipped to provide a variety of services to protect information, assets, and people. Through its collaboration with standards boards such as the International Organization for Standardization (ISO), and its active participation in national and international professional organizations, IIT is directly involved in major developments within the security community. For further information please visit: www.ewa-iit.com

EWA Information & Infrastructure Technologies, Inc. 13873 Park Center Road, Suite 200 Herndon, VA 20171 www.ewa-iit.com 703.478.7600

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information