Washington Military Department
Cyber Perspectives and Response Planning
Lt Col Gent Welsh
Chief Information Officer/J6
Agenda
• National Perspectives & Background
• WA State Cyber Planning
• Steady State/Significant Relationships
• WA State Cyber CONOPS
• Washington State Significant Cyber Incident Annex
• Exercise Concepts
• Accomplishments
• Questions
National Perspectives
– 9/11 Commission Report (22 July 2004, Chapter 11, Foresight and Hindsight):
“We believe that the 9/11 attacks revealed four kinds of failures—in
imagination, policy, capabilities, and management.”
– Senator Joe Lieberman (14 Feb 12, Senate Floor): “I know it is February 14,
2012, but I fear that when it comes to protecting America from cyber-attack
it is September 10, 2001, and the question is whether we will confront this
existential threat before it happens?”
– Secretary of Defense Panetta (11 Oct 12, New York): “…the collective result
of these kind of attacks could be a cyber Pearl Harbor; an attack that would
cause physical destruction and the loss of life. In fact, it would paralyze and
shock the nation and create a new, profound sense of vulnerability.”
– President Obama (21 Nov 12): “The cyber threat to critical infrastructure
continues to grow and represents one of the most serious national security
challenges we must confront.”
– Defense Science Board (Jan 13): “The US cannot be confident that our
critical IT systems will work under attack from a sophisticated and well-
resourced opponent…”
Background
• In Jan of 2012…
– Washington State did not have a comprehensive strategy to confront the
challenges of cyber security
– No “whole of government” dialogue on the issue
– Any plans existed solely at the individual state agency level
– Cyber was an IT problem…not an Operational issue
– The Comprehensive Emergency Management Plan (CEMP) mentioned cyber
twice in 119 pages
– We lacked imagination, policy, capabilities, and management on the cyber
issue
• By March of 2012…
– TAG/Homeland Security Advisor sponsored a Cyber Integrated Project Team
along the lines of the Domestic Security Executive Group (DSEG) model
– Used Emergency Support Function 2 (Communications) as the foundation
– State CIO established “Security” as his #1 priority in Technology Strategy
Document
Washington State Cyber Integrated Project Team
TAG/Homeland Security Advisor
rapidly organizing key state
agencies involved in cyber
planning, response, mitigation
Objectives:
1. Develop a Washington State Cyber
Incident Annex based on National Cyber
Incident Response Plan
2. Develop a domestic Cyber Planning and
Response Concept of Operations that
crosswalks National Guard cyber
capabilities with state domestic cyber
requirements
3. Create a “bottom up” state cyber
response planning forum (requirements,
capabilities, action plan) for others in
FEMA Region X and nationally that
leverages the “Cyber Center of
Excellence” found in the Pacific
Northwest
…already accomplishing 8 of the 12 objectives in
the NGA “12 Steps to Secure Cyberspace”
Steady State - Cyber
Day to day operations
Independent plans and processes
Limited coordination
Multiple lines of communication
Private Industry Critical Infrastructure State Government Other Governments
(County, Local)
Department of Homeland
Security
(NCCIC)
Military Department
Significant Event - Cyber
Post State of Emergency
Coordinated processes
Simplified lines of communication
Private Industry Critical Infrastructure State Government Other Governments
(County, Local)
Department of Homeland
Security
(NCCIC)
Military Department
(Cyber Unified Coordination
Group)
View Cyber as a Continuum
How can
the National
Guard
support the
domestic
cyber
continuum?
• Disaster Recovery
• Cyber Continuity of
Government (COOP)
• Law Enforcement Support
• Incident Response Teams
• Forensics
• Root Cause
• Attribution
• Vulnerability
Identification and
Remediation
• System Security standard consultation
• Compliance reviews
• Exercise support
• Project team
NG Domestic Cyber CONOPS – Now OPLAN
• Defines the requirement
• Matches requirement to NG capabilities
• Addresses “cyber resource type” issues
• Takes a holistic perspective
WA State Significant Cyber Incident Annex
CEMP designed as an “All
Hazards” Emergency
Management Plan
- Domestic cyber issues managed as “All
Hazard” along with other natural and
manmade disasters
Significant Cyber Incident Annex
(Annex D - under development)
- Working draft ready now
- Validation during DHS tabletop exercises
in Sept and Nov 2013
Significant Cyber Incident Escalation Pathway
Cyber UCG Activation
(CEMP Annex D - Cyber)
State of Emergency
Declaration
(Significant Cyber Incident)
EOC Activation
(Local Govt or Private Sector)
Addl Resources Needed
Cyber Incident
(Not able to be contained locally)
Cyber Unified Coordination Group
Governor
Cyber Unified Coordination Group
WMD/CIO
OCIO
TAG/HSA
WSP
City of
Seattle/CISO
WSFC
FBI
CTS/CISO
Operations
Finance/
Admin
Logistics
Planning
Coordinate resource requests
Cyber Resource Types
Set priorities
Set objectives
• Prioritize, allocate, and
deconflict resources
• Manage key Federal
and State resources
• Develop and maintain
statewide situational
awareness
Incident Site Command
Mission Tasks/Assignments
Federal
Agencies/
DOD
National
Guard
Resources placed under direct control of recipient
Resources remaining under Federal/State control
Logistical support for integration and utilization of resources
Regional Mutual Aid
Coordinators
Operational Area EOCs
and Mutual Aid
Coordinators
Other
Resource
Types
Incident Response Teams
Command
and control
of incident
response
Affected CIKR Sectors
Cyber UCG Coordination Framework
Private Industry Critical Infrastructure State Government Other Governments
(County, Local)
Department of Homeland
Security
(NCCIC)
Cyber Unified
Coordination Group
WA State EOC
NSA/CYBERCOM
Federal
Interagency
Resource Types
Priorities
1. Prioritize, allocate, and
deconflict resources
2. Manage key Federal and State
resources
3. Develop and maintain statewide
situational awareness
Cyber Exercises - 2013
Dates: Sept and Nov 2013
Locations: Fusion Center, participating sites
Facilitator/Planner: DHS, WMD, Industry
Participants: Cyber UCG, DHS, CIKR Sector Reps
(SnoPUD, Avista)
Objectives:
1. Validate WA State UCG Concept and WACIA
plan
2. Integrate actual WA CIKR (energy) sector
player
3. Validate communications processes
4. Develop WA state cyber resource types
5. Validate WNG response CONOPS for a
significant cyber incident response
Accomplishments to date
FY12 DHS HLS Grant – $80k to OCIO for domestic
cyber planning (June 12)
– $40k matching funds to hire state Cyber Policy
Coordinator
– $25k for National Guard penetration testing of
cyber critical infrastructure (in State Active
Duty)
– $15k to begin development of state-wide
cyber critical infrastructure response plan
DHS Cyberstorm IV exercise (14-15 Aug 12)
– Hosted by WA Consolidated Technology
Services
– Capture issues/gaps for potential FY13 DHS
grant funding
– Left participants “wanting more…”
TAG/HSA appointment letter (1 Apr 13)
– TAG/HSA “Senior Official” and Military
Department “Lead Agency” for Cyber coord
Three Final Points
• The Washington Military Department/National Guard has
a unique role in domestic cyber…
• Information sharing/formalize relationships
• Partnerships, partnerships, partnerships…
Questions?

WA State Cyber Response
