Cyber After Snowden. Can DC Help Protect Your Networks? Matthew Rhoades, Director, Cyberspace & Security Program

Transcription:

Cyber After Snowden Can DC Help Protect Your Networks? Matthew Rhoades, Director, Cyberspace & Security Program

Truman Project Members

Cyberspace & Security Program

Agenda Looking Back How we got here Lame Duck 2015 and beyond

Cybersecurity & Congress 2012-2014

2012: The Debate on Capitol Hill
Key Pillars:
  1. Critical Infrastructure
  2. Information Sharing
  3. DHS v. NSA
Low-Hanging Fruit:
  Education/Workforce
  Research & Development
  Cyber Awareness
  FISMA Reform

Securing Critical Infrastructure
Mandatory Standards: Cybersecurity Act of 2012 v1.0 (Senate)
Voluntary Standards: Cybersecurity Act of 2012 v2.0 (Senate)
Market Solution: House of Representatives

Legislating Information Sharing
1. What are you sharing? PII or Threat Signatures?
2. Who are you sharing it with? Civilian Agency? Intelligence Community? Department of Defense?
3. What can it be used for? Limited to specific purposes?
4. What is the Standard of Liability? Full Indemnity? Negligence?

The Interest Groups Baseline Standards Improved Visibility National Security Leaders No Mandates Legal Protection Privacy & Civil Liberties Business (Chamber of Commerce) Anonymize Info Civilian Agency Clear Definitions Negligence Standard

2013: Executive Order 13636
Policy Results:
  Industry-led, government facilitated best practices (NIST)
  Increase USG Info Sharing Industry
  Privacy & Civil Liberties Oversight

A New Agenda for 2013
Political Result: A Smaller Congressional Agenda
  Critical Infrastructure
  Information Sharing
  Role of DHS
  Education & Workforce
  Research & Development
  Awareness
  FISMA Reform

Cyber Bills Committee United States Senate House of Representatives Homeland Security National Cybersecurity & Communications Integration Center Act DHS Cybersecurity Workforce Recruitment & Retention Act Federal Information Security Amendments Act Commerce Cybersecurity Act of 2013 Intelligence Cyber Information Sharing Act of 2014 National Cybersecurity & Critical Infrastructure Protection Act Critical Infrastructure Research and Development Advancement Act Homeland Security Cybersecurity Boots-on-the-Ground Act Cyber Intelligence Sharing and Protection Act

2014 Lame Duck (Senate)?
Must Do:
  Continuing Resolution
  Defense Authorization
Other Issues?
  Marketplace Fairness
  Tax Extenders
  Attorney General Nom.
  Nominations
Other National Security Issues?
  AUMF
  Sec. 215/Sec. 702/FISA Reform
  Iran

Changing of the Guard
On their way out:
  Mike Rogers (R-MI), House Intelligence
  Buck McKeon (R-CA), House Armed Services
  Carl Levin (D-MI), Senate Armed Services
  Jay Rockefeller (D-WV), Senate Commerce, Science, & Transportation
  Saxby Chambliss (R-GA), Senate Intelligence
  Tom Coburn (R-OK), Senate Homeland Security
Next in line (?):
  Jeff Miller (R-FL), House Intelligence
  Mac Thornberry (R-TX), House Armed Services
  Jack Reed (D-RI), Senate Armed Services
  Bill Nelson (D-FL), Senate Commerce, Science, & Transportation
  Richard Burr (R-NC), Senate Intelligence
  John McCain (R-AZ), Senate Homeland Security

Truman Members

Crisis Exercise
National Security Council Debate: Define what happened & how to respond
Scenario:
  Water Contamination linked to Cyber Hizbollah
  DDoS on AMEX & Visa linked to SEA

How Would You Advise the President
Define the act as:
  1. Criminal
  2. Armed Attack
  3. Unsure
Respond by:
  4. Diplomatic Means
  5. Cover Measures
  6. Kinetic Measures
  7. Unsure

TruCon Legislative Exercise
Begins 30 days after crisis
Scenario: 2 FL power plants offline
Goal: Pass legislation
350 Players/54 Teams
Congress; Administration; Media; Industry & Advocacy

What would be the centerpiece of your legislation?
1. Critical Infrastructure Standards
2. Information Sharing
3. Privacy & Civil Liberties
4. Data Breach
5. Research & Development
6. Education & Workforce Development
7. Other

What we learned
1. Inconsistency in response to a crisis
2. In the wake of a crisis, the focus is almost entirely on protecting critical infrastructure
3. In the wake of a crisis, the second priority is developing human resources
