Critical Infrastructure 101

Slides:



Advertisements
Similar presentations
Protective Security Advisors Securing the Nations critical infrastructure one community at a time.
Advertisements

Department of Homeland Security Site Assistance Visit (SAV)
Homeland Security at the FCC July 10, FCCs Homeland Security Focus Interagency Partnerships Industry Partnerships Infrastructure Protection Communications.
DEFENSE SUPPORT OF CIVIL AUTHORITIES (DSCA)
Idaho Critical Infrastructure and Key Resources Protection Program and Fusion Center Brief.
1 Pipeline Security Presented to: Pipeline Safety Trust New Orleans, Louisiana November 5, 2010.
GEORGE MASON UNIVERSITY Center for Infrastructure Protection and Homeland Security Integrating Critical Infrastructure into Emergency Management Programs.
National Infrastructure Protection Plan
DHS, National Cyber Security Division Overview
National Protection and Programs Directorate Department of Homeland Security The Office of Infrastructure Protection Cybersecurity Brief [Date of presentation]
Framework for Improving Critical Infrastructure Cybersecurity Overview and Status Executive Order “Improving Critical Infrastructure Cybersecurity”
Resiliency Rules: 7 Steps for Critical Infrastructure Protection.
Food and Agriculture Sector Coordinating Councils John L. Williams, DVM U.S. Department of Agriculture AFDO Annual Conference Kansas City, MO June 7, 2005.
Part of a Broader Strategy
Jeju, 13 – 16 May 2013Standards for Shared ICT CYBERSECURITY-RELATED STANDARDS ACTIVITY IN THE TELECOMMUNICATIONS INDUSTRY ASSOCIATION Eric Barnhart, Fellow.
Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013 DRAFT.
BOTSWANA NATIONAL CYBER SECURITY STRATEGY PROJECT
Food and Agriculture Sector Update NASDA Food & Agriculture Security Task Force February 19, 2009.
Critical Infrastructure Protection Overview Building a safer, more secure, more resilient America The National Infrastructure Protection Plan, released.
Critical Infrastructure Protection: Program Overview
Catastrophe Readiness and Response Session 7b 1 Session 7b Critical Infrastructure Drew Bumbak.
PS Version 1 National Response Framework Overview for Private Sector Audiences January 22, 2008.
Food and Agriculture Sector A Collaborative Path to Agriculture Security and Food Defense LeeAnne Jackson, HHS/FDA Multistate Partnership Meeting Madison,
1 Session 7, Section 2 Critical Infrastructure Drew Bumbak.
The Challenging Landscape of Critical Information Infrastructure: Are We Ready? Leonard Bailey Senior Counsel Computer Crime & Intellectual Property Section.
Governor’s Office of Homeland Security & Emergency Preparedness LOUISIANA BANKERS ASSOCIATION 2010 Louisiana Emergency Preparedness Coalition Meetings.
Infrastructure Protection
What is “national security”?  No longer defined only by threat of arms  It really is the economy  Infrastructure not controlled by the government.
NATIONAL INCIDENT MANAGEMENT SYSTEM (NIMS)
California Department of Public Health / 1 CALIFORNIA DEPARTMENT OF PUBLIC HEALTH Standards and Guidelines for Healthcare Surge during Emergencies How.
1 Iowa Emergency Management Association Iowa Homeland Security and Emergency Management Department Emergency Management Program Development Course EMERGENCY.
Overview Briefing Threat and Hazard Identification and Risk Assessment (THIRA) Presidential Policy Directive 8 / PPD-8: National Preparedness May 2012.
for Election Infrastructure
NATIONAL INCIDENT MANAGEMENT SYSTEM (NIMS)
Security Research Institute
WHAT is Project Matrix? An effort designed to:
Training and Outreach Materials
California Cybersecurity Integration Center (Cal-CSIC)
Critical Infrastructure Protection Policy Priorities
Unit 2: Recovery Pre-Disaster Planning Guidance for Local Governments
Fiscal Mapping Community of Practice
How does a Requirements Package Vary from Project to Project?
Chapter 1: Policing in America
8 Building Blocks of National Cyber Strategies
Research Program Strategic Plan
Incident command use for pipeline emergencies
America’s First National Critical Infrastructure Exercise
Understanding Existing Standards:
Role for Electric Sector in Critical Infrastructure Protection R&D
NERC Critical Infrastructure Protection Advisory Group (CIP AG)
IS4550 Security Policies and Implementation
CUCCIO IT Leadership Development Program
Continuity Guidance Circular Webinar
The U.S. Department of Homeland Security
Election Infrastructure Security Initiative
Cybersecurity ATD technical
Introduction to: National Response Plan (NRP)
What is PACE EH? PACE EH is a process for assessing and analyzing the environmental health of communities and for creating plans to address threats and.
Group Meeting Ming Hong Tsai Date :
Presentation slide for courses, classes, lectures et al.
Continuity of Operations Planning
16 September 2010 Strategy Mark Dickinson, Director Planning and Performance Mark Dickinson, Director Planning and Performance.
Elections Systems: Designated Critical Infrastructure
Deborah Housen-Couriel, ADV.
FGFOA Committees Established and evaluated by the FGFOA Board of Directors to utilize talent and resources of the FGFOA membership.
Facilitating Change (AET 560)
Co-production: Enablement Tracking & Reporting
October is National Cybersecurity Awareness Month
Civil Air Patrol Critical Infrastructure Austin Worcester 15 Jul 2019.
Infragard national 2019 Strategic direction & plans
Presentation transcript:

Critical Infrastructure 101 Mark Listes U.S. Election Assistance Commission

Topics – Questions That I’ll Answer Cybersecurity, Elections How did we get here? What do we do now that we are here? What is the EAC doing with all of this? What is Critical Infrastructure and where did it come from? What do I need to know about Critical Infrastructure? Really, what is a sector?

x193 How did we get here? Jan. 6 17 GOP CANDIDATES This slide is used to help set context for conversation for the audience. It displays a variety of news article headlines in chronological order, and it is intended to help the audience remember how the focus of the media has shifted from a variety of topics around the election to primarily Russia’s potential interference in the election. In researching this slide, the presenter found the New York Time’s news aggregation page for the topic of “Russia and the elections” and found that this page had 193 articles listed on it. This number is included to show how much the topic is being covered.” The Slide ends with the press release for DHS’s designation of elections as critical incfrastructure.

How did we get here? DHS designates elections as critical infrastructure DHS works to help the sector self form DHS announces information about Russian hacking of states The Government Coordinating Council Forms Jan. 6 This slide lists some important events that have happened since DHS has designated elections infrastructure as critical infrastructure on January 6.

So Where Are We? Things are a little bit different Daily Headlines About Hacking and the Elections DHS has increased the federal presence in elections ~ 1 year after the election Things are a little bit different We have a few more eyes watching us We have some new terms, skills, and information that we need to know and use

Where Do We Go From Here? ? When the NIPP describes a SSA and its component GCC and SCCs the concept of a Co-SSA helping manage the SSP is not disallowed. Research all that you can, and learn as much as you can so that you can engage in conversations that will affect your work in a real and meaningful way Leverage your years of expertise and your excellent skills Use your resources like the EAC ? ? ? This slide contains three recommendations for people who are learning about critical infrastructure for the first time. The graphic to the right shows a word bubble with a sentence that could be used in a critical infrastructure conversation and contains many acronyms. This sentence is used to show how complex the conversation can be. At the end of the slide, the last animation makes the EAC’s CI Starting Point Document appear over the complex sentence to indicate to the audience that the EAC’s resources help EAC stakeholders wade through the alphabet soup that is contained in CI onversations.

What is the EAC doing with all of this? The EAC is dedicated to helping election officials be ready to protect their systems against modern cyber threats We see Critical Infrastructure and the resources that come with it as one component of the larger Cybersecurity picture We are crafting resources to address all fronts Cybersecurity Ongoing Cyber Best Practices and Information Critical Infrastructure Testing and Certification 7

What is CI and where did it come from? The short answers: What is CI? A federal designation, made by the President (through the Secretary of DHS) stating that a type of infrastructure is critical to the function of the country The designation primarily does two things: Re-characterizes attacks on this infrastructure to enable the federal government to take additional steps not previously available against actors who attack this infrastructure Prioritizes threat prevention information sharing to critical infrastructure entities and creates mechanisms that facilitate this information sharing

What is CI and where did it come from? The short answers: Where did CI come from? Critical infrastructure is a term that has been around for a long time The Clinton administration created the first iteration of modern CI in 1996 Created a national commission on critical infrastructure Designated the first eight CI sectors The current definition of comes from the Patriot act and a presidential directive (PPD-21) as: “systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters.”

What is CI and where did it come from? – The timeline EO 1310 Establishes national commission on CI Establishes the original eight CI sectors PPD-63 “cyber” is added to CI Definition Designated federal agencies to lead sectors (SSAs) 2002 Patriot Act & Homeland Security Act Defines Critical Infrastructure Establishes DHS HSPD-7 Supersedes PPD-63 Builds on top of PPD-63 Increased requirements on federal departments and agencies New definition of SSA 2013 PPD-21 is signed initiating the process of structuring the modern CI structure through the - 2013 NIPP Government Facilities sector created 2017 January 6: Elections Infrastructure designated as part of government facilities sector

DHS Department of Homeland Security: Charged with administer the National Infrastructure Protection Plan SSAs Sector Specific Agencies: The federal agency that maintains the sector and the partnership of the councils within it & maintains the sector specific plan Sectors The Organizational Unit that represents a section of the nation’s critical infrastructure that contains entities with common traits Operational Units Security Advisors ISACs/ ISAOs Sector Councils Federal Senior Leadership The CI Landscape Four categories of entities that make-up the CI landscape Department of Homeland Security (DHS) – Charged with administering and managing CI as a whole Sector Specific Agencies (SSAs) – Charged with managing a sector and its sector specific plan Sector: The way infrastructure is categorized Operational Units: Entities that distribute information and

What Do I Really Need to Know About CI? – Documents to Know Homeland Security Act Your Sector/ Subsector’s Plan Created DHS and empowered DHS to designate CI as well as create sectors Sets the vision and goals for overall critical infrastructure and security and resilience efforts This document governs how your sector is managed, maintained and shares information. There is no current elections infrastructure subsector plan

What Do I Really Need to Know About CI? – Key National Players Department of Homeland Security Charged with administering CI: Designates infrastructure as Critical Infrastructure Creates Sectors Serves as many Sector’s SSA Sector Specific Agency (SSA) The federal agency that maintains the sector and the partnership of the councils within it Maintains the sector specific plan ISACs and ISAOs Non-governmental information organizations Protective Security Advisers & Cyber Security Advisers DHS employee that works to help inform entities within a geographic area of threats and vulnerability mitigation information Coordinating Council An organizing and information sharing entity to which entities from a critical infrastructure sector belong and interact to share security information with each other and the SSA

Really, What is a Sector? Questions I’ll Answer: What is a sector? How is a sector usually structured? What is a Coordinating Council? How does a sector usually operate?

Really, What is a Sector? Definition: A logical collection of assets, systems, or networks that provide a common function to the economy, government or society – 2013 NIPP What this means: Sectors are how DHS organizes its approach to the nation’s Critical Infrastructure If infrastructure is critical and similar to other infrastructure, then it is in the same sector Sectors each have their own governance structure and operational protocols - each is unique

Really, What is a Sector? – Contents Sectors contain relevant critical infrastructure and its owners and operators Sectors also contain organizational mechanisms and entities that facilitate sector operation and information sharing These are usually: Sector Coordinating Councils Government Coordinating Councils ISAC Sector/ SSA ISAC Councils Sector Coordinating Council Government Coordinating Council

Really, What is a Sector? How does a sector usually managed? The Sector Specific Plan is drafted and managed by the SSA with input from the councils This guides the sector as a whole The councils are self-chartered and self organizing The councils write their own rules and dictate their own membership and operations This includes information sharing protocols Sector Specific Plan (SSA administered) Councils – Each self chartered and governed Sector Coordinating Council – self chartered Contains potential working groups Government Coordinating Council – self chartered

Sector Drilldown: What is a Coordinating Council? General Definition: an organization to which a critical infrastructure entity, owner, or operator can belong. The coordinating councils facilitate information sharing and promote risk management efforts throughout the sector and between the sector and DHS. Typical (but not required) Types: Sector Coordinating Council – Represent the involved private sector entities Government Coordinating Council – Represent the involved government entities

Sector Drilldown: How does a coordinating council usually operate? Generally: The coordinating council meets regularly to discuss the state of the sector, needs of the members of the council, projected future needs, and events within the sector. The council also may usually set up working groups to explore issues. Special Treatment: The coordinating councils may at times take advantage of CIPAC protection that allows council communications to be treated differently under FOIA Disclaimer: The councils are self-organizing and self-governing. So, none of this is set in stone and the council charters can affect the councils’ structure and operations significantly

Questions?

More Resources CI Scoop – Blog Starting Point Document Covering all topics CI and elections as CI Updates on the EAC and CI Starting Point Document 6 page in-depth overview of Critical Infrastructure and Elections as Critical Infrastructure

U.S. Election Assistance Commission Contact Us: Mark Listes Phone: 202-476-9051 Email: mlistes@eac.gov U.S. Election Assistance Commission Phone: 1-866-747-1471 Email: havainfo@eac.gov

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.