Cyber Resilience during COVID-19 · security and resilience of America’s critical infrastructure...
Transcript of Cyber Resilience during COVID-19 · security and resilience of America’s critical infrastructure...
![Page 1: Cyber Resilience during COVID-19 · security and resilience of America’s critical infrastructure In support of that mission, Cybersecurity Advisors (CSAs): •Assess:Evaluate critical](https://reader030.fdocuments.net/reader030/viewer/2022041121/5f35f5f09d286525b77813f1/html5/thumbnails/1.jpg)
Ron FordRegion 1 Cybersecurity Advisor – New England
Cyber Resilience during
COVID-19
![Page 2: Cyber Resilience during COVID-19 · security and resilience of America’s critical infrastructure In support of that mission, Cybersecurity Advisors (CSAs): •Assess:Evaluate critical](https://reader030.fdocuments.net/reader030/viewer/2022041121/5f35f5f09d286525b77813f1/html5/thumbnails/2.jpg)
CISA ROLE
Risk Management during COVID-19
Best Practices
![Page 3: Cyber Resilience during COVID-19 · security and resilience of America’s critical infrastructure In support of that mission, Cybersecurity Advisors (CSAs): •Assess:Evaluate critical](https://reader030.fdocuments.net/reader030/viewer/2022041121/5f35f5f09d286525b77813f1/html5/thumbnails/3.jpg)
![Page 4: Cyber Resilience during COVID-19 · security and resilience of America’s critical infrastructure In support of that mission, Cybersecurity Advisors (CSAs): •Assess:Evaluate critical](https://reader030.fdocuments.net/reader030/viewer/2022041121/5f35f5f09d286525b77813f1/html5/thumbnails/4.jpg)
We are the Nation’s Risk AdvisorsCISA leads national risk management for cyber and physical infrastructure
![Page 5: Cyber Resilience during COVID-19 · security and resilience of America’s critical infrastructure In support of that mission, Cybersecurity Advisors (CSAs): •Assess:Evaluate critical](https://reader030.fdocuments.net/reader030/viewer/2022041121/5f35f5f09d286525b77813f1/html5/thumbnails/5.jpg)
![Page 6: Cyber Resilience during COVID-19 · security and resilience of America’s critical infrastructure In support of that mission, Cybersecurity Advisors (CSAs): •Assess:Evaluate critical](https://reader030.fdocuments.net/reader030/viewer/2022041121/5f35f5f09d286525b77813f1/html5/thumbnails/6.jpg)
6
CISACybersecurity Advisor Program
![Page 7: Cyber Resilience during COVID-19 · security and resilience of America’s critical infrastructure In support of that mission, Cybersecurity Advisors (CSAs): •Assess:Evaluate critical](https://reader030.fdocuments.net/reader030/viewer/2022041121/5f35f5f09d286525b77813f1/html5/thumbnails/7.jpg)
7
CISA mission: Lead the collaborative national effort to strengthen the security and resilience of America’s critical infrastructure
In support of that mission, Cybersecurity Advisors (CSAs):
• Assess: Evaluate critical infrastructure cyber risk.
• Promote: Encourage best practices and risk mitigation strategies.
• Build: Initiate, develop capacity, and support cyber communities-of-interest and working groups.
• Educate: Inform and raise awareness.
• Listen: Collect stakeholder requirements.
• Coordinate: Bring together incident support and lessons learned.
Cybersecurity Advisor Program
![Page 9: Cyber Resilience during COVID-19 · security and resilience of America’s critical infrastructure In support of that mission, Cybersecurity Advisors (CSAs): •Assess:Evaluate critical](https://reader030.fdocuments.net/reader030/viewer/2022041121/5f35f5f09d286525b77813f1/html5/thumbnails/9.jpg)
HomelandSecurity Office of Cybersecurity and Communications
9
CISA Insights on COVID-19
• Risk Management for Novel Coronavirus (COVID-19)
• This product is for executives to help them think through physical, supply chain, and cybersecurity issues that may arise from the spread from of COVID-19.
• What’s in this guide:• Actions for Infrastructure Protection • Actions for your Supply Chain • Cybersecurity for Organizations • Cybersecurity Actions for your Workforce and Consumers
• To stay current with CISA’s efforts regarding the COVID-19, visit: cisa.gov/coronavirus.
![Page 10: Cyber Resilience during COVID-19 · security and resilience of America’s critical infrastructure In support of that mission, Cybersecurity Advisors (CSAs): •Assess:Evaluate critical](https://reader030.fdocuments.net/reader030/viewer/2022041121/5f35f5f09d286525b77813f1/html5/thumbnails/10.jpg)
10
CISA Cyber Essentials
• Cyber Essentials Toolkit: https://www.cisa.gov/cyber-essentials
• National Cyber Security Alliance: www. staysafeonline.org
• Hybrid work models may be possible where some workers may work on-premise and off-premise.
• Telework capability has certainly become extremely important during COVID-19 and stress-tested organizations’ capabilities on IT deployment, workload, and management as well as addressing security challenges.
![Page 11: Cyber Resilience during COVID-19 · security and resilience of America’s critical infrastructure In support of that mission, Cybersecurity Advisors (CSAs): •Assess:Evaluate critical](https://reader030.fdocuments.net/reader030/viewer/2022041121/5f35f5f09d286525b77813f1/html5/thumbnails/11.jpg)
11
Cyber Threat Landscape
11
![Page 12: Cyber Resilience during COVID-19 · security and resilience of America’s critical infrastructure In support of that mission, Cybersecurity Advisors (CSAs): •Assess:Evaluate critical](https://reader030.fdocuments.net/reader030/viewer/2022041121/5f35f5f09d286525b77813f1/html5/thumbnails/12.jpg)
12
Ever Expanding Attack Surface
![Page 13: Cyber Resilience during COVID-19 · security and resilience of America’s critical infrastructure In support of that mission, Cybersecurity Advisors (CSAs): •Assess:Evaluate critical](https://reader030.fdocuments.net/reader030/viewer/2022041121/5f35f5f09d286525b77813f1/html5/thumbnails/13.jpg)
HomelandSecurity Office of Cybersecurity and Communications
13
Cyber Threat Landscape
• May 23, 2020: Joint Announcement on Chinese Govt Targeting of COVID-19 Research Organizations,
• May 13, 2020, CISA updated the Cyber Resource Hub, which list free and available cybersecurity assessments
• May 12, 2020: CISA and the FBI published Cyber Alert (AA20-133A), Top 10 Most Exploited Vulnerabilities between 2016-2019
*The Health Sector is especially vulnerable to cyber threats
![Page 14: Cyber Resilience during COVID-19 · security and resilience of America’s critical infrastructure In support of that mission, Cybersecurity Advisors (CSAs): •Assess:Evaluate critical](https://reader030.fdocuments.net/reader030/viewer/2022041121/5f35f5f09d286525b77813f1/html5/thumbnails/14.jpg)
§ Ransomware§ Phishing Campaigns & Business E-mail Compromise§ Lack of Software Patching§ Misconfiguration of Technology§ Supply Chain (Hardware, Software, Cloud Services)§ Advanced Persistent Threats (Organized, Well-funded, Highly-capable
Groups)§ Internet of Things (IoT)§ Insider Threats (Intentional & Unintentional)§ Weak Passwords
*All listed will increase the likelihood of a compromise or service disruption.
Most Common Cyber Threats
![Page 15: Cyber Resilience during COVID-19 · security and resilience of America’s critical infrastructure In support of that mission, Cybersecurity Advisors (CSAs): •Assess:Evaluate critical](https://reader030.fdocuments.net/reader030/viewer/2022041121/5f35f5f09d286525b77813f1/html5/thumbnails/15.jpg)
15
Cybersecurity and Resilience
15
![Page 16: Cyber Resilience during COVID-19 · security and resilience of America’s critical infrastructure In support of that mission, Cybersecurity Advisors (CSAs): •Assess:Evaluate critical](https://reader030.fdocuments.net/reader030/viewer/2022041121/5f35f5f09d286525b77813f1/html5/thumbnails/16.jpg)
16
• Consider your health.
• How do you become healthy?• Can you buy good health? • Can you “manufacture” good
health?
• You can’t buy it in a product.
• Good health and resilience are both emergent properties.
• They develop – or emerge – from what we do.
Resilience Emerges From What You Do
![Page 17: Cyber Resilience during COVID-19 · security and resilience of America’s critical infrastructure In support of that mission, Cybersecurity Advisors (CSAs): •Assess:Evaluate critical](https://reader030.fdocuments.net/reader030/viewer/2022041121/5f35f5f09d286525b77813f1/html5/thumbnails/17.jpg)
17
• Periodic assessments are essential for resilience, helping you:
• Measure your cybersecurity efforts• Manage improvements over time
Criticality of Periodic Assessments
![Page 18: Cyber Resilience during COVID-19 · security and resilience of America’s critical infrastructure In support of that mission, Cybersecurity Advisors (CSAs): •Assess:Evaluate critical](https://reader030.fdocuments.net/reader030/viewer/2022041121/5f35f5f09d286525b77813f1/html5/thumbnails/18.jpg)
18
Working toward Cyber Resilience
Follow a framework or general approach to cyber resilience. One successful approach includes:
IdentifyServices
Create Asset Inventory
Protect & SustainAssets
Manage Disruptions
Exerciseand Improve
Identify and prioritize services
Identify assets and align assets to services and inventory assets
Establish risk management, resilience requirements, control objectives, and controls
Establish continuity requirements for assets and develop service continuity plans
Define objectives for cyber exercises, perform exercises, and evaluate results
Process Management and Improvement
![Page 19: Cyber Resilience during COVID-19 · security and resilience of America’s critical infrastructure In support of that mission, Cybersecurity Advisors (CSAs): •Assess:Evaluate critical](https://reader030.fdocuments.net/reader030/viewer/2022041121/5f35f5f09d286525b77813f1/html5/thumbnails/19.jpg)
19
CISA Cybersecurity Services
19
![Page 20: Cyber Resilience during COVID-19 · security and resilience of America’s critical infrastructure In support of that mission, Cybersecurity Advisors (CSAs): •Assess:Evaluate critical](https://reader030.fdocuments.net/reader030/viewer/2022041121/5f35f5f09d286525b77813f1/html5/thumbnails/20.jpg)
20
Sampling of Cybersecurity Offerings
Preparedness Assistance:
• Cybersecurity Advisors• Advisory Services• Assessments• Working group collaboration• Best Practices • Incident assistance coordination
• Protective Security Advisors • Assessments• Incident liaisons between government and
private sector• Support for National Special Security
Events
![Page 21: Cyber Resilience during COVID-19 · security and resilience of America’s critical infrastructure In support of that mission, Cybersecurity Advisors (CSAs): •Assess:Evaluate critical](https://reader030.fdocuments.net/reader030/viewer/2022041121/5f35f5f09d286525b77813f1/html5/thumbnails/21.jpg)
21
• Cyber Resilience Review (Strategic)
• External Dependencies Management (Strategic)
• Cyber Infrastructure Survey (Strategic)
• Cybersecurity Evaluations Tool (Strategic/Technical)
• Phishing Campaign Assessment (EVERYONE)
• Vulnerability Scanning / Hygiene (Technical)
• Validated Architecture Design Review (Technical)
• Risk and Vulnerability Assessment (Technical)
Range of Cybersecurity Assessments (Voluntary & No-Cost to You)
TECHNICAL(Network-Administrator Level)
STRATEGIC(C-Suite Level)
Tech
nica
lSt
rate
gic
![Page 22: Cyber Resilience during COVID-19 · security and resilience of America’s critical infrastructure In support of that mission, Cybersecurity Advisors (CSAs): •Assess:Evaluate critical](https://reader030.fdocuments.net/reader030/viewer/2022041121/5f35f5f09d286525b77813f1/html5/thumbnails/22.jpg)
22
BEST PRACTICES
Leadership Must OWN the Issue
Good Cyber Hygiene – Blocking and Tackling
Risk Management –What Can I Accept?
Balance Security, Mission and Privacy
Be Prepared –EXERCISE
Defend and Continue to Operate
Leverage Relationships
MAKE YOUR OWN LUCK!
![Page 23: Cyber Resilience during COVID-19 · security and resilience of America’s critical infrastructure In support of that mission, Cybersecurity Advisors (CSAs): •Assess:Evaluate critical](https://reader030.fdocuments.net/reader030/viewer/2022041121/5f35f5f09d286525b77813f1/html5/thumbnails/23.jpg)
QUESTIONS?
![Page 24: Cyber Resilience during COVID-19 · security and resilience of America’s critical infrastructure In support of that mission, Cybersecurity Advisors (CSAs): •Assess:Evaluate critical](https://reader030.fdocuments.net/reader030/viewer/2022041121/5f35f5f09d286525b77813f1/html5/thumbnails/24.jpg)
Contact UsReport Cyber Incidents:DHS/CISA24/7 Line: [email protected]://www.us-cert.gov/report
MS-ISAChttps://www.cisecurity.org/ms-isac/24/7 Line: [email protected]://www.cisecurity.org/isac/report-an-incident/
24
Ron FordDHS/CISA Cybersecurity Advisor Region 1 - New [email protected]@cisa.dhs.govwww.cisa.gov/cybersecurity
![Page 25: Cyber Resilience during COVID-19 · security and resilience of America’s critical infrastructure In support of that mission, Cybersecurity Advisors (CSAs): •Assess:Evaluate critical](https://reader030.fdocuments.net/reader030/viewer/2022041121/5f35f5f09d286525b77813f1/html5/thumbnails/25.jpg)