1 Federal Communications Commission Public Safety and Homeland Security Bureau NARUC Summer Committee Meetings Dallas, Texas July 13, 2014 Clete D. Johnson.

Slides:

Advertisements

Similar presentations

K. F. Rauscher November 2004 C Q R Welcome IEEE COMMUNICATIONS SOCIETY Emergency Power Conference Monday, November 22, 2004 Bell Labs Network Reliability.

Advertisements

AFCEA DC Cyber Security Symposium Military Joint Cyber Command Panel Harry Raduege Lieutenant General, USAF (Ret) Chairman, Center for Network Innovation.

Homeland Security at the FCC July 10, FCCs Homeland Security Focus Interagency Partnerships Industry Partnerships Infrastructure Protection Communications.

EAC HIGHER EDUCATION POLICY

Vehicle-infrastructure integration: creating co-operative mobility systems and services Hearing EU Parliament, 22 January 2009 Hermann Meyer, CEO.

NOTE: To change the image on this slide, select the picture and delete it. Then click the Pictures icon in the placeholde r to insert your own image. Cybersecurity.

Overview of Priorities and Activities: Shared Services Canada Presentation to the Information Technology Infrastructure Roundtable June 17, 2013 Liseanne.

Transit Security: An Overview of Activities Since 9/11 Eva Lerner-Lam President Palisades Consulting Group, Inc. ITE 2003 Annual Meeting August 24-27,

Private Sector Perspectives on Federal Financial Systems Modernization and Shared Services.

Regulatory Frameworks in OECD countries and their Relevance for India Nick Malyshev Senior Counsellor Public Governance and Territorial Development OECD.

Strategy 2022: A Holistic View Tony Hayes International President ISACA © 2012, ISACA. All rights reserved.

David A. Brown Chief Information Security Officer State of Ohio

Federal Communications Commission Public Safety and Homeland Security Bureau Public Safety Communications Update “View from the FCC” David G. Simpson,

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

SECR 5140-FL Critical Infrastructure Protection Dr. Barry S. Hess Spring 2 Semester Week 3: 1 April 2006.

International Telecommunication Union Committed to connecting the world 4 th ITU Green Standards Week Mike Wood & Jack Rowley EMF Technical Group Leaders,

PPA 573 – Emergency Management and Homeland Security Lecture 9b - Department of Homeland Security Strategic Plan.

Board responsibility for internal control and risk management by Kiattisak Jelatianranat Chairman, The Institute of Internal Auditors of Thailand Director,

Framework for Improving Critical Infrastructure Cybersecurity Overview and Status Executive Order “Improving Critical Infrastructure Cybersecurity”

Resiliency Rules: 7 Steps for Critical Infrastructure Protection.

Getting Smarter with Information An Information Agenda Approach

The Financial Impact of Cyber Security 50 Questions Every CFO Should Ask A publication of the American National Standards Institute and the Internet Security.

Don Von Dollen Senior Program Manager, Data Integration & Communications Grid Interop December 4, 2012 A Utility Standards and Technology Adoption Framework.

Lessons Learned in Smart Grid Cyber Security

Copyright © 2006 CyberRAVE LLC. All rights reserved. 1 Virtual Private Network Service Grid A Fixed-to-Mobile Secure Communications Framework Managed Security.

1 FCC’s Homeland Security Partnerships Executive Office of the PresidentState and Local Governments Sister Agencies Industry and Trade Organizations Federal.

Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013 DRAFT.

Isdefe ISXXXX XX Your best ally Panel: Future scenarios for European critical infrastructures protection Carlos Martí Sempere. Essen.

BOTSWANA NATIONAL CYBER SECURITY STRATEGY PROJECT

Association of Defense Communities June 23, 2015

Critical Infrastructure Protection: Program Overview

1 1 Creating the Idaho State Alert & Warnings System (ISAWS) Ward Noland, BSEM State/Local Warning Coordinator Idaho Bureau of Homeland Security.

An Integrated Control Framework & Control Objectives for Information Technology – An IT Governance Framework COSO and COBIT 4.0.

© 2013 Federal Reserve System. Materials are not to be used without consent. Federal Reserve Financial Services Strategic Direction: Payment.

An Overview of the Smart Grid David K. Owens Chair, AABE Legislative Issues and Public Policy Committee AABE Smart Grid Working Group Webinar September.

Presenter’s Name June 17, 2003 Nationwide Perspective: Building a Nationwide Network for Public Safety Dusty Rhoads Office of Emergency Communications.

1 Jim Devlin Comptroller of the Currency November 5, 2009 Data Breaches in Payments Systems -- Roles and Best Practices for the Public and Private Sector.

FCC Field Hearing on Energy and the Environment Monday November 30, 2009 MIT Stratton Student Center, Twenty Chimneys Peter Brandien, Vice President System.

Frederic Maduraud European Commission DG Information Society OECD Workshop on Broadband Seoul, June 2002 “Exploiting the Broadband.

Risk and Crisis Management Building OECD Principles on Country Crisis Management.

Catawba County Board of Commissioners Retreat June 11, 2007 It is a great time to be an innovator 2007 Technology Strategic Plan *

Frankfurt (Germany), 6-9 June 2011 Iiro Rinta-Jouppi – Sweden – RT 3c – Paper 0210 COMMUNICATION & DATA SECURITY.

National Cybersecurity Center of Excellence Increasing the deployment and use of standards-based security technologies Mid-Atlantic Federal Lab Consortium.

UNCLASSIFIED Homeland Security Introduction to the National Cybersecurity & Communications Integration Center (NCCIC) “A Partnership for Strength” 1.

Vendor Management from a Vendor’s Perspective. Agenda Regulatory Updates and Trends Examiner Trends Technology and Solution Trends Common Issues and Misconceptions.

Raya for Information Technology. About US  Raya IT, established in 1998, operates in the field of systems integration and IT business solutions.  A.

UNCLASSIFIED 1 National Security in Cyberspace: It Takes a Nation Sandra Stanar-Johnson NSA/CSS Representative to the Department of Homeland Security February.

Public Safety and Homeland Security Bureau 2006 Annual Report January 17, 2007.

Chief Harlin R. McEwen Chief of Police (Ret) City of Ithaca, NY FBI Deputy Assistant Director (Ret) Washington, DC Public Safety Spectrum Trust Chairman.

Security and Resilience Pat Looney Brookhaven National Laboratory April 2016.

Driving Value from IT Services using ITIL and COBIT 5 July 24, 2013 Gary Hardy ITWinners.

Data Enabled Railway July 2015 Railway Suppliers Summer Conference 2015 Steve Warner, EMEAR Head of Data & Analytics.

Program Overview and 2015 Outlook Finance & Administration Committee Meeting February 10, 2015 Sheri Le, Manager of Cybersecurity RTD.

National Emergency Communications Plan Update National Association of Regulatory Utility Commissioners Winter Committee Meeting February 16, 2015 Ron Hewitt.

Welcome Carol Berrigan Nuclear Energy Institute July 13, 2015.

Managed IT Solutions More Reliable Networks Are Our Business

Information Security Program

Iowa Communications Alliance

Update from the Faster Payments Task Force

Enterprise risk management

and Security Management: ISO 28000

Information Technology Sector

BUILDING A PRIVACY AND SECURITY PROGRAM FOR YOUR NON-PROFIT

Cybersecurity: The State Regulators’ Perspective

The SWA Collaborative Behaviors

Frameworks, Standards, Guidelines, and Best Practices

An Urgent National Imperative

Cybersecurity ATD technical

MAZARS’ CONSULTING PRACTICE

MAZARS’ CONSULTING PRACTICE Helping your Business Venture Further

Presentation transcript:

1 Federal Communications Commission Public Safety and Homeland Security Bureau NARUC Summer Committee Meetings Dallas, Texas July 13, 2014 Clete D. Johnson Chief Counsel for Cybersecurity Secure and Reliable Networks: The Role of the FCC in Public Safety and National Security

Public safety and national security: A fundamental FCC responsibility since the Commission’s beginning. Predecessor institution, the Federal Radio Commission, created in 1912 following Titanic disaster. To “promote safety of life and property” – first phrases of the Communications Act of Cannot abdicate these responsibilities just because the threats have begun to arrive via new technologies. SS7 Outage in 1991: New communications protocol, multiple carriers, multiple vendors … Major communications failure. How to avoid similar outcomes for public safety and national security imperatives in the era of IP-based communications? 2 The Role of the FCC in Communications Security and Reliability

“100 year” shifts underway: Copper wire to fiber optic cables. Switched telephony to IP-based networks. Fixed wireline to mobile wireless. What does this transition mean for crucial public safety and emergency functions? For core communications network infrastructure? 3 Historic Transition in Information- Communications Technology and Practices

Five year trajectory toward proactive private-public partnership: 2008: Comprehensive National Cybersecurity Initiative – military/intelligence-driven approach : Congressional consideration of mandatory regulatory requirements : President’s Executive Order and NIST Cybersecurity Framework for Critical Infrastructure. Now: FCC asks private sector communications companies to create “New Paradigm” of business-driven cyber risk management based on market innovation and accountability. Optimize security, privacy, innovation – create a mutually reinforcing virtuous cycle. 4 U.S. Policy Consensus: New Paradigm for Security, Privacy, Innovation

Chairman Wheeler’s New Paradigm Challenge the communications sector to create its own measurable, accountable, business-driven cybersecurity risk management processes as a substitute for traditional regulation:  Based on private sector innovation and the alignment of private interests with public interests.  More dynamic than compliance with rules but more effective than blindly trusting the market.  Businesses take responsibility for determining how to manage risk in a transparent and measurable way that promotes market accountability for cyber risk reduction.  Key distinction: Proactive business-driven risk management, not reactive compliance with government requirements.  Must be real and meaningful – measurably effective – not just “happy talk” about good ideas. 5

1.Improving cybersecurity standards, best practices, and cyber risk management. 2.Increasing cyber threat information sharing and situational awareness. 3.Early engagement in “security by design” for hardware and software development. 4.Helping advance U.S. cyber policy internationally. 5.Protecting privacy, civil liberties, and business confidentiality. 6.Improving FCC cybersecurity capabilities. 6 Areas of FCC Cybersecurity Focus

Measuring Success  Unlike for financial risk, for cyber risk there is not centuries’ worth of quantifiable data to draw on.  Measuring risk and effectiveness of risk management is the hardest and most important question stakeholders have to answer.  The FCC is working with federal partners and the private sector to gather input on how to measure, assess, and manage cyber risk.  Common factors emerging: companies identify the cyber risk universe, develop internal controls, assess implementation, and monitor effects – same as in other areas of enterprise risk management. 7