American Public Power Association’s Cybersecurity Services Program

Slides:

Advertisements

Similar presentations

Its a new digital world with new digital dangers….

Advertisements

Homeland Security Information Network-Emergency Management (HSIN-EM) Fire Service Community Overview Technologies for Critical Incident Preparedness Conference.

Copyright © 2014 American Water Works Association Water Sector Approach to Process Control System Security.

A Brief Overview of Emergency Management Office of Emergency Management April 2006 Prepared By: The Spartanburg County Office of Emergency Management.

Capability Cliff Notes Series PHEP Capability 1—Community Preparedness

Building Disaster-Resilient Places STEP ONE – Forming a Collaborative Planning Team.

David A. Brown Chief Information Security Officer State of Ohio

JOINT LEGISLATIVE AUDIT COMMITTEE HEARING SENATE BUDGET and FISCAL REVIEW COMMITTEE Delivering Energy Savings for California AMERICAN RECOVERY & Karen.

National Infrastructure Protection Plan

Preservation and Disaster Management. Federal Emergency Management Agency FEMA’s mission is to support our citizens and first responders to ensure that.

National Protection and Programs Directorate Department of Homeland Security The Office of Infrastructure Protection Cybersecurity Brief [Date of presentation]

An Orientation to the National Mass Care Strategy A Whole of Community Approach to Mass Care.

Capability Cliff Notes Series HPP Capability 1—Healthcare System Preparedness What Is It And How Will We Measure It?

“GeoCONOPS: What It Means for State and Local Officials” David Alexander, Director, U.S. Department of Homeland Security Geospatial Management Office November.

Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013 DRAFT.

October 27, 2005 Contra Costa Operational Area Homeland Security Strategic and Tactical Planning and Hazardous Materials Response Assessment Project Overview.

Network Security Resources from the Department of Homeland Security National Cyber Security Division.

BOTSWANA NATIONAL CYBER SECURITY STRATEGY PROJECT

RP 3 Webinar Series: Reliability Overview of the RP 3 Reliability Checklist Friday, March 20 th, :00pm -2:00pm ET.

Crisis and Emergency Risk Communication in a Pandemic: A Model for Building Capacity and Resilience of Minority Communities SOPHE/Health Promotion Practice.

COSTEP Massachusetts: An Example of Statewide Preparedness for Cultural Heritage Resources Society of American Archivists Austin Texas August 15, 2009.

NSF Cybersecuity Summit May REN-ISAC Goal The goal of the REN-ISAC is to aid and promote cyber security protection and response within the higher.

AGENDA NCSIP Mandate IT Security Threats Specific Action Items Additional Initiatives.

How we work as a national CERT in China ZHOU Yonglin CNCERT/CC, China 2 Addressing security challenges on a global scaleGeneva, 6-7 December 2010.

2012 DHS/ACT-IAC Cybersecurity Awards The “Fed Cyber Cup” Concept Overview Cheryl Soderstrom, Programs Chair, Cybersecurity SIG.

USACE Flood Risk Management and Silver Jackets Workshop Sandra K. Knight, PhD, PE, D.WRE Deputy Associate Administrator for Mitigation, FEMA August.

Gateway to the USA Līga Smildziņa-Bērtulsone, Executive Director of AmCham Latvia March 9, 2016.

FFIEC Cybersecurity Assessment Tool Maine Credit Union League September 23, 2015 Patrick Truett, Information Systems Officer National Credit Union Administration.

Security and Resilience Pat Looney Brookhaven National Laboratory April 2016.

Cyber Threat Intelligence Program Primer NASCUS August 1, 2016 Chicago, IL Christina Saari, Senior Cyber Intelligence Officer National Credit Union Administration.

Community Resilience Jill J Artzberger, MPH 2011 Texas Emergency Management Conference Thursday, April 28, 2011.

Information Security Officer Meeting

Security and resilience for Smart Hospitals Key findings

Proactive Incident Response

for Election Infrastructure

Community Health Centers of Arkansas Hazard Vulnerability Assessment Workshop August 11, 2017 Mark Fuller.

OIT Security Operations

BruinTech Vendor Meet & Greet December 3, 2015

Cybersecurity, competence and preparedness

California Deployment of the Next Generation Incident Command System (NICS) as Situation Awareness & Collaboration Tool (SCOUT) Firescope Brief.

Cybersecurity - What’s Next? June 2017

HSGP Funding for Security Efforts

Patch Management Patch Management Best Practices

Cybersecurity in the ECOWAS region

Public Facilities and Cyber Security

RP3 Program Overview RP3 Webinar Series: Reliability

California Cybersecurity Integration Center (Cal-CSIC)

About the NIS directive

TN: TEACH AACTE Grant TN TEACH: The TN EPP Assistive and Collaborative Help Network.

USA Final Project Report

Cyber Security coordination in Europe CERT-EU’s perspective

Lisa Spanberger, MPH Emergency Manager, St. Luke’s

Health Risk Assessment (HRA): Workshop Guide

“The Link” - Continuity of Operations and Emergency Management

Cybersecurity in the Electric Sector: Update on Threats and Defenses

How to approach a top-down call topic in Horizon 2020?

2017 Health care Preparedness and Response Draft Capabilities

Hazard and Vulnerability Assessment

John M. Felker Director, NCCIC.

Resiliency Framework & the Route to Resilience Tool

Community Involvement Training

Cybersecurity ATD technical

Lincoln County Social Services Organizational Effectiveness

Increasing Preparedness Capacities across the Mediterranean - IPCAM 2 Luigi D’Angelo Italian Civil Protection Department Brussels, 18 January 2017.

Elections Systems: Designated Critical Infrastructure

Safe + Sound A year-round campaign to encourage every workplace to have a safety and health program Safe + Sound is a year-round campaign encouraging.

Cybersecurity and Other Important Updates

IoT in Healthcare: Life or Death

Streamline your move to the cloud

Presentation transcript:

American Public Power Association’s Cybersecurity Services Program MPPA Cybersecurity Workshop Holland BPW - Holland MI August 14, 2019

Cyber & Physical Preparedness Help members develop “all-hazards” approach to disaster preparation and response Show federal policymakers public power’s commitment to security and mutual aid Strengthen government/industry partnerships Minimize new federal regulation

DOE Cooperative Agreement Overview Goal: Develop a culture of cyber security within public power utilities. Objective: Engage with public power distribution utilities to understand their cyber security awareness, capabilities and risks. Move each utility from its existing state to a public power target profile. Tasks: Cybersecurity risk assessments (Cybersecurity Scorecard) Onsite cyber vulnerability assessments Pilot existing and emerging security technologies Information sharing between utilities and APPA, E-ISAC, MS-ISAC, other partners Acknowledgment: These activities are based upon work supported by the Department of Energy under Award Number DE-OE0000811.

DOE Cooperative Agreement Overview In 2016 APPA partnered with the Department of Energy 3-year, $7.5M Cooperative Agreement; 2016-17 – Analysis and Data Collection 2017-18 – Deployment and Resource Development 2018-19 – Sustainability Acknowledgment: These activities are based upon work supported by the Department of Energy under Award Number DE-OE0000811.

Why are we concerned? Municipal government agencies are not the only victims, but are the most public lately Money, staff time and resources are being spent to recover from successful attacks Nation States are increasing their efforts due to success and due to geopolitical tensions

DHS open source alerts: HIDDEN COBRA - North Korean Malicious Cyber Activity August 9, 2018: North Korean Trojan: KEYMARBLE June 14, 2018: North Korean Trojan: TYPEFRAME May 29, 2018: HIDDEN COBRA – Joanap Backdoor Trojan and Brambul Server Message Block Worm May 29, 2018: HIDDEN COBRA RAT/Worm March 28, 2018: North Korean Trojan: SHARPKNOT February 13, 2018: North Korean Trojan: HARDRAIN February 13, 2018: North Korean Trojan: BADCALL December 21, 2017: North Korean Trojan: BANKSHOT November 14, 2017: North Korean Remote Admin Tool: FALLCHILL November 14, 2017: North Korean Trojan: Volgmer August 23, 2017: Analysis of Delta Charlie Attack Malware June 13, 2017: HIDDEN COBRA – North Korea’s DDoS Botnet Infrastructure May 12, 2017: WannaCry Ransomware (300,000 computers affected)

Scorecard results will populate your dashboard Results breakdown by domain Dashboard This dashboard will be generated upon completion of the Public Power Scorecard questions It provides a quick percentage breakdown of performance by each of the 10 C2M2 domains a composite score out if 300 to gauge overall posture the ability to share scorecard results with other users tailored improvement recommendations based on based on scorecard responses Improvement recommendations based on scorecard responses

Scorecard Activity 272 public power utilities participating (2019 Goal is to reach 400 utilities) 520 foundational cybersecurity self assessments at the 272 utilities (14 Questions – 45 minutes) All public power utilities have FREE access to the Scorecard portal Utilities who have taken the assessment have reported that the Scorecard is helping to “take the guesswork out of what they should be striving to achieve”

Cybersecurity Roadmap Using the Scorecard output, provide public power utilities with clear actions to improve their cybersecurity program Provide information that creates a compelling business case for security investments.

Incident Response Playbook Cyber Incident Response Playbook Modeled after mutual aid response network Cyber Mutual Assistance (CMA) being developed nationally Utilities sharing cyber resources and expertise in a crisis Exercising the playbook to be prepared (GridEx V – November 13-14, 2019) Acknowledgment: These activities are based upon work supported by the Department of Energy under Award Number DE-OE0000811.

Cybersecurity Training Signing up JAAs to be host sites for training Cybersecurity@publicpower.org Deliver low cost cybersecurity training and exercises that align with the Scorecard Conduct Regional facilitated Orlando July 10-11 (103 attendees) Kearney Nebraska July 24-25 (73 attendees) Los Angeles California August 22 (75 registrations) Hosting a year end public power cybersecurity summit (November 18-20, 2019 Nashville TN)

Technology Deployment After completing the Scorecard, utilities may be ready to reduce risk by investing in cybersecurity technologies from managed security service providers or other vendors. The Association’s new Cybersecurity Technology Assistance Program (CTAP) can support that investment first by connecting public power utilities to cybersecurity technology solution providers. Then we can offer an 80% cost share for deploying a monitoring system at qualified utilities. Developing a Cyber Asset Tracking technology to provide public power utilities with an online tool for: Cyber Asset Inventory Geolocation of Cyber Assets Matching of publicly know vulnerabilities with cyber assets Acknowledgment: These activities are based upon work supported by the Department of Energy under Award Number DE-OE0000811.

Secure Information Sharing Sign up for the E-ISAC at www.eisac.com Sign up for the MS-ISAC at www.cisecurity.org We continue to recommend the E-ISAC as the trusted source of public power utility’s ICS threat information. Developing a program for Shared Cybersecurity Services Joint Action Agency model as a framework to possibly provide a shared cyber analyst Mature organizations mentoring others Concise threat feed in our Secure Trusted Community (STC) network Acknowledgment: These activities are based upon work supported by the Department of Energy under Award Number DE-OE0000811.

Additional Cybersecurity Resources Cybersecurity Scorecard 261 public power utilities Cybersecurity Roadmap Helps you develop an action plan Incident Response Playbook Cyber Mutual Aid Shared cyber resources Cybersecurity Training We bring training to you Secure Information Sharing Weekly Situation Report (new)

Resources page: www.publicpower.org/gridsecurity Nathan Mitchell Sr. Director of Cyber and Physical Security Services American Public Power Association 2451 Crystal Dr., Suite 1000, Arlington, VA 22202 Direct: 202.467.2925 NMitchell@PublicPower.org cybersecurity@publicpower.org