Homeland Security Cyber Strategies & Resources for Resiliency Spring Directors Conference 2013...
-
Upload
elfrieda-shields -
Category
Documents
-
view
223 -
download
4
Transcript of Homeland Security Cyber Strategies & Resources for Resiliency Spring Directors Conference 2013...
![Page 1: Homeland Security Cyber Strategies & Resources for Resiliency Spring Directors Conference 2013 UNCLASSIFIED/FOR OFFICIAL USE ONLY Richard C. Baron Executive.](https://reader030.fdocuments.net/reader030/viewer/2022032723/56649cf85503460f949c8d36/html5/thumbnails/1.jpg)
Homeland Security
Cyber Strategies & Resources for Resiliency
Spring Directors Conference 2013
U N C L A S S I F I E D / F O R O F F I C I A L U S E O N LY
Richard C. BaronExecutive Director
Ohio Homeland SecurityHomeland Security Advisor to Ohio
![Page 2: Homeland Security Cyber Strategies & Resources for Resiliency Spring Directors Conference 2013 UNCLASSIFIED/FOR OFFICIAL USE ONLY Richard C. Baron Executive.](https://reader030.fdocuments.net/reader030/viewer/2022032723/56649cf85503460f949c8d36/html5/thumbnails/2.jpg)
![Page 3: Homeland Security Cyber Strategies & Resources for Resiliency Spring Directors Conference 2013 UNCLASSIFIED/FOR OFFICIAL USE ONLY Richard C. Baron Executive.](https://reader030.fdocuments.net/reader030/viewer/2022032723/56649cf85503460f949c8d36/html5/thumbnails/3.jpg)
What Does Cyber Threat Mean
U N C L A S S I F I E D / F O R O F F I C I A L U S E O N LY
Risk = Threat X Vulnerability X Consequence
Vulnerability= What is the vulnerability
Consequence = What is the consequence
Threat = What is the threat
Risk = What is at risk
![Page 4: Homeland Security Cyber Strategies & Resources for Resiliency Spring Directors Conference 2013 UNCLASSIFIED/FOR OFFICIAL USE ONLY Richard C. Baron Executive.](https://reader030.fdocuments.net/reader030/viewer/2022032723/56649cf85503460f949c8d36/html5/thumbnails/4.jpg)
Cyber Space
U N C L A S S I F I E D / F O R O F F I C I A L U S E O N LY
.com/.net/.org
.mobi/….
Public/Corpoate
Domain
.mil
Military
Domain
.gov/.usGovernmental Domain
![Page 5: Homeland Security Cyber Strategies & Resources for Resiliency Spring Directors Conference 2013 UNCLASSIFIED/FOR OFFICIAL USE ONLY Richard C. Baron Executive.](https://reader030.fdocuments.net/reader030/viewer/2022032723/56649cf85503460f949c8d36/html5/thumbnails/5.jpg)
Cyber Environment
U N C L A S S I F I E D / F O R O F F I C I A L U S E O N LY
Cyberspace is where the Nation stores its treasure (intellectual property) and its wealth (money)
Benefits:
• National security
• Economic competiveness
• Public safety
• Civil liberties & privacy
Information Layer
Physical Infrastructure
Geographic Layer
People
Cyber Identity
Source U.S Cyber Command
![Page 6: Homeland Security Cyber Strategies & Resources for Resiliency Spring Directors Conference 2013 UNCLASSIFIED/FOR OFFICIAL USE ONLY Richard C. Baron Executive.](https://reader030.fdocuments.net/reader030/viewer/2022032723/56649cf85503460f949c8d36/html5/thumbnails/6.jpg)
Changing Environment
U N C L A S S I F I E D / F O R O F F I C I A L U S E O N LY
Source U.S Cyber Command
• Unprecedented rate of change - Consumerization of IT technology
• Mobile Computing• Rapidly expanding environment with companies not focused on
the threats• BYOD – Bring your own device (to work)
• Adoption of the “cloud computing” model• Social Networks• Geographical Information Systems (GIS)
• Integrated real time sensors, telemetry and resource tasking• Multiple sources of data
• Deliberate attacks from Viruses/malware exploiting the changing landscape
![Page 7: Homeland Security Cyber Strategies & Resources for Resiliency Spring Directors Conference 2013 UNCLASSIFIED/FOR OFFICIAL USE ONLY Richard C. Baron Executive.](https://reader030.fdocuments.net/reader030/viewer/2022032723/56649cf85503460f949c8d36/html5/thumbnails/7.jpg)
Threat Actors
U N C L A S S I F I E D / F O R O F F I C I A L U S E O N LY
Source U.S Cyber Command
TERRORIST ACTS
CRIMINALELEMENTS
HACKTIVISTS
FOREIGNINTELLIGENCE SUPPLY CHAIN
VULNERABILITY
WIRELESS ACCESS POINTS
REMOVABLE MEDIA
NEGLIGENT USERS
INSIDER THREATS
THREAT ACTORS THREAT VECTORS
![Page 8: Homeland Security Cyber Strategies & Resources for Resiliency Spring Directors Conference 2013 UNCLASSIFIED/FOR OFFICIAL USE ONLY Richard C. Baron Executive.](https://reader030.fdocuments.net/reader030/viewer/2022032723/56649cf85503460f949c8d36/html5/thumbnails/8.jpg)
Focus of CYBER Security
U N C L A S S I F I E D / F O R O F F I C I A L U S E O N LY
People Systems
![Page 9: Homeland Security Cyber Strategies & Resources for Resiliency Spring Directors Conference 2013 UNCLASSIFIED/FOR OFFICIAL USE ONLY Richard C. Baron Executive.](https://reader030.fdocuments.net/reader030/viewer/2022032723/56649cf85503460f949c8d36/html5/thumbnails/9.jpg)
9
Rick’s Rules #1
U N C L A S S I F I E D / F O R O F F I C I A L U S E O N LY
Source U.S Cyber Command
The time to plan is not at the time of
crisis!
![Page 10: Homeland Security Cyber Strategies & Resources for Resiliency Spring Directors Conference 2013 UNCLASSIFIED/FOR OFFICIAL USE ONLY Richard C. Baron Executive.](https://reader030.fdocuments.net/reader030/viewer/2022032723/56649cf85503460f949c8d36/html5/thumbnails/10.jpg)
10
Rick’s Rules #2
U N C L A S S I F I E D / F O R O F F I C I A L U S E O N LY
The event causing the crisis de jour was most likely not an event that could or
was not anticipated!
![Page 11: Homeland Security Cyber Strategies & Resources for Resiliency Spring Directors Conference 2013 UNCLASSIFIED/FOR OFFICIAL USE ONLY Richard C. Baron Executive.](https://reader030.fdocuments.net/reader030/viewer/2022032723/56649cf85503460f949c8d36/html5/thumbnails/11.jpg)
11
Gordon Graham’s Rule of Risk Management
U N C L A S S I F I E D / F O R O F F I C I A L U S E O N LY
If it is predictable its preventable!
![Page 12: Homeland Security Cyber Strategies & Resources for Resiliency Spring Directors Conference 2013 UNCLASSIFIED/FOR OFFICIAL USE ONLY Richard C. Baron Executive.](https://reader030.fdocuments.net/reader030/viewer/2022032723/56649cf85503460f949c8d36/html5/thumbnails/12.jpg)
12
Significant Trends (Targets – U.S. “vital services”)
Source U.S Cyber Command
UNCLASSIFIED
Exploitation Disruption Destruction
(U//FOUO) Operation Black Summer (#OpBlackSummer) – Orchestrated by hacktivists groups Tunisian Cyber Army (TCA) and the Al Qaeda Electronic Cyber Army. The premise of the operation is to hack into varied U.S. systems, steal information, and release the information in a large data release on 11 September 2013. Main start-date is 31 May 2013.
Examples of the areas already targeted and hacked – U.S. State Department, Army National Guard, Custom and Border Protection, etc.)
Tactic used – SQL injection vulnerabilitiesSub-operation for #OpBlackSummer is called #FridayOfHorror, and usually targets one area following Friday prayer (ex: aviation systems, financial sector, etc.)TCA infiltrated a State of Ohio agency workstation in Chillicothe, OH 19 April 2013. This is currently being investigated by OSP.
U N C L A S S I F I E D / F O R O F F I C I A L U S E O N LY
![Page 13: Homeland Security Cyber Strategies & Resources for Resiliency Spring Directors Conference 2013 UNCLASSIFIED/FOR OFFICIAL USE ONLY Richard C. Baron Executive.](https://reader030.fdocuments.net/reader030/viewer/2022032723/56649cf85503460f949c8d36/html5/thumbnails/13.jpg)
13
Significant Trends (VOIP)
Source U.S Cyber Command
UNCLASSIFIED
(U//FOUO) Telephony Denial of Service (TDoS) – An international issue that involves the flooding of telephone systems from digitalized calls, usually targeting Voice over IP (VoIP) systems. The caller uses a spoofed number, and is usually located overseas in areas such as India. Result of intentional generation of illegitimate computer-generated phone traffic targeting a victim’s phone systemsSome leverage Voice Over Internet Protocol (VOIP) telephone equipmentHas the potential to significantly disrupt legitimate telephone call volume and impact continuity of operations
• Scheme: Payday loan scam or employee debt
• Targets: Public sector entities, including PSAPs, emergency communication centers, and businesses targeted
Exploitation Disruption Destruction
![Page 14: Homeland Security Cyber Strategies & Resources for Resiliency Spring Directors Conference 2013 UNCLASSIFIED/FOR OFFICIAL USE ONLY Richard C. Baron Executive.](https://reader030.fdocuments.net/reader030/viewer/2022032723/56649cf85503460f949c8d36/html5/thumbnails/14.jpg)
14
Significant Trends (VOIP)
Source U.S Cyber Command
UNCLASSIFIED
Ohio Incidents: • Ohio: Nov 2011 – 3 hospital lines flooded,
• Reported in February from Mentor Police Department (Cleveland) – Payday scamLE involved in business call, victim called local PD Then flooded police and fire emergency lines – 5 minutes
• February: Dublin local business received harassing phone calls of employee debt, threatening legal action called 40 times in 2 days.
• Brunswick city school system, Feb 2013 Payday loan scam “lit up all their phones” – VOIP for 2 days, hit off and on.
Exploitation Disruption Destruction
U N C L A S S I F I E D / F O R O F F I C I A L U S E O N LY
![Page 15: Homeland Security Cyber Strategies & Resources for Resiliency Spring Directors Conference 2013 UNCLASSIFIED/FOR OFFICIAL USE ONLY Richard C. Baron Executive.](https://reader030.fdocuments.net/reader030/viewer/2022032723/56649cf85503460f949c8d36/html5/thumbnails/15.jpg)
Presidential Executive Order 21
Policy
It is the policy of the United States to strengthen the security and resilience of its critical infrastructure against both physical and cyber threats. The Federal Government shall work with critical infrastructure owners and operators and SLTT entities to take proactive steps to manage risk and strengthen the security and resilience of the Nation's critical infrastructure, considering all hazards that could have a debilitating impact on national security, economic stability, public health and safety, or any combination thereof. These efforts shall seek to reduce vulnerabilities, minimize consequences, identify and disrupt threats, and hasten response and recovery efforts related to critical infrastructure.
![Page 16: Homeland Security Cyber Strategies & Resources for Resiliency Spring Directors Conference 2013 UNCLASSIFIED/FOR OFFICIAL USE ONLY Richard C. Baron Executive.](https://reader030.fdocuments.net/reader030/viewer/2022032723/56649cf85503460f949c8d36/html5/thumbnails/16.jpg)
U N C L A S S I F I E D / F O R O F F I C I A L U S E O N LY
1. Develop a State Cybersecurity Strategy,2. Appoint a Cybersecurity Committee3. Request and receive regular security briefings4. Practice cyber incident response5. Request attorneys review current IT contracts with vendors for security provisions.6. Ensure that hardware and software are being procured in a “secure manner.”7. Request attorneys review contractual relationships with third party service providers8. Use Multistate Information Sharing and Analysis Centers (ISACs) for intrusion detection and prevention, vulnerability scanning, penetration testing, and training and education services.9. Ensure that security and procurement/acquisition staff receive training and resources10. Identify business continuity and disaster recovery initiatives11. Work with law enforcement to prioritize cybersecurity.12. Use convening authority to raise statewide awareness.
Twelve Steps Governors Can Take to Improve Cybersecurity
![Page 17: Homeland Security Cyber Strategies & Resources for Resiliency Spring Directors Conference 2013 UNCLASSIFIED/FOR OFFICIAL USE ONLY Richard C. Baron Executive.](https://reader030.fdocuments.net/reader030/viewer/2022032723/56649cf85503460f949c8d36/html5/thumbnails/17.jpg)
Cybersecurity, Education, & Economic Development Council
121.92 Cybersecurity, education, and economic development council.
(A) There is hereby created the cybersecurity, education, and economic development council.
(G) The council shall conduct a study and make recommendations regarding both of the following:
(1) Improving the infrastructure of the state's cybersecurity operations with existing resources and through partnerships between government, business, and institutions of higher education;
(2) Specific actions that would accelerate growth of the cybersecurity industry in the state.
![Page 18: Homeland Security Cyber Strategies & Resources for Resiliency Spring Directors Conference 2013 UNCLASSIFIED/FOR OFFICIAL USE ONLY Richard C. Baron Executive.](https://reader030.fdocuments.net/reader030/viewer/2022032723/56649cf85503460f949c8d36/html5/thumbnails/18.jpg)
OHS Strategic Plan
Protection
Goal 3: Reduce risk to statewide infrastructure by implementing the National Infrastructure Protection Plan andeach of the supporting Sector Specific Plans where applicable. Risk reduction programs will address cyber, human, and physical security.
Cyber attacks often occur unnoticed, disrupting commerce and costing an estimated total of $46–70 billion in losses across the U.S.
![Page 19: Homeland Security Cyber Strategies & Resources for Resiliency Spring Directors Conference 2013 UNCLASSIFIED/FOR OFFICIAL USE ONLY Richard C. Baron Executive.](https://reader030.fdocuments.net/reader030/viewer/2022032723/56649cf85503460f949c8d36/html5/thumbnails/19.jpg)
OHS Cyber-Security Strategy
Initiative 1: Share cyber security threat information across the homeland security enterprise.
Initiative 2: Create a cyber security culture in state and local government.
Initiative 3: Partner with the public and private sectors to support their cyber security efforts.
Initiative 4: Identify cyber resources (human and equipment) to leverage for creating cyber incident response teams.
Initiative 5: Raise cyber security awareness across Ohio.
![Page 20: Homeland Security Cyber Strategies & Resources for Resiliency Spring Directors Conference 2013 UNCLASSIFIED/FOR OFFICIAL USE ONLY Richard C. Baron Executive.](https://reader030.fdocuments.net/reader030/viewer/2022032723/56649cf85503460f949c8d36/html5/thumbnails/20.jpg)
Resources Personal & Business Information
![Page 21: Homeland Security Cyber Strategies & Resources for Resiliency Spring Directors Conference 2013 UNCLASSIFIED/FOR OFFICIAL USE ONLY Richard C. Baron Executive.](https://reader030.fdocuments.net/reader030/viewer/2022032723/56649cf85503460f949c8d36/html5/thumbnails/21.jpg)
Resources Public Sector Monitoring
U N C L A S S I F I E D / F O R O F F I C I A L U S E O N LY
Source U.S Cyber Command
21
IT-ISAC members participate in national and homeland security
efforts to strengthen the IT infrastructure through cyber
information sharing and analysis.
Information Technology ISAC
(IT-ISAC)
In February 2010, the Department of Defense (DoD), DHS, and the
FS-ISAC launched a pilot designed to improve the sharing
of sensitive, actionable information.
Financial Services ISAC
(FS-ISAC)
The MS-ISAC provides a common mechanism for raising the level of
cybersecurity readiness and response in state, local, tribal, and
territorial (SLTT) governments.
Multi-State ISAC
(MS-ISAC)
![Page 22: Homeland Security Cyber Strategies & Resources for Resiliency Spring Directors Conference 2013 UNCLASSIFIED/FOR OFFICIAL USE ONLY Richard C. Baron Executive.](https://reader030.fdocuments.net/reader030/viewer/2022032723/56649cf85503460f949c8d36/html5/thumbnails/22.jpg)
22
Resources – SAIC Daily Briefing
U N C L A S S I F I E D / F O R O F F I C I A L U S E O N LY
![Page 23: Homeland Security Cyber Strategies & Resources for Resiliency Spring Directors Conference 2013 UNCLASSIFIED/FOR OFFICIAL USE ONLY Richard C. Baron Executive.](https://reader030.fdocuments.net/reader030/viewer/2022032723/56649cf85503460f949c8d36/html5/thumbnails/23.jpg)
U N C L A S S I F I E D F O R O F F I C I A L U S E O N L Y
Source U.S Cyber Command
UNCLASSIFIED
23
U N C L A S S I F I E D / F O R O F F I C I A L U S E O N LY
![Page 24: Homeland Security Cyber Strategies & Resources for Resiliency Spring Directors Conference 2013 UNCLASSIFIED/FOR OFFICIAL USE ONLY Richard C. Baron Executive.](https://reader030.fdocuments.net/reader030/viewer/2022032723/56649cf85503460f949c8d36/html5/thumbnails/24.jpg)
24
Resources – SAIC Daily Briefing
U N C L A S S I F I E D / F O R O F F I C I A L U S E O N LY
![Page 25: Homeland Security Cyber Strategies & Resources for Resiliency Spring Directors Conference 2013 UNCLASSIFIED/FOR OFFICIAL USE ONLY Richard C. Baron Executive.](https://reader030.fdocuments.net/reader030/viewer/2022032723/56649cf85503460f949c8d36/html5/thumbnails/25.jpg)
Questions & Discussion
U N C L A S S I F I E D / F O R O F F I C I A L U S E O N LY
?
![Page 26: Homeland Security Cyber Strategies & Resources for Resiliency Spring Directors Conference 2013 UNCLASSIFIED/FOR OFFICIAL USE ONLY Richard C. Baron Executive.](https://reader030.fdocuments.net/reader030/viewer/2022032723/56649cf85503460f949c8d36/html5/thumbnails/26.jpg)
Contact Information
U N C L A S S I F I E D / F O R O F F I C I A L U S E O N LY