Unclassified  1 Critical Infrastructure Protection Chuck Whitley EMS User’s Group June 9, 1999.

Slides:

Advertisements

Similar presentations

Homeland Security Information Network-Emergency Management (HSIN-EM) Fire Service Community Overview Technologies for Critical Incident Preparedness Conference.

Advertisements

NERC Critical Infrastructure Protection Advisory Group (CIP AG) Electric Industry Initiatives Reducing Vulnerability To Terrorism.

Homeland Security at the FCC July 10, FCCs Homeland Security Focus Interagency Partnerships Industry Partnerships Infrastructure Protection Communications.

Homeland Security and Law Enforcement Created By: Ashley Spivey For _Local_Actions_for_Homeland_Security.pdf.

SEARO –CSR Early Warning and Surveillance System Module Event-based Surveillance.

Unit 1: Introductions and Course Overview Administrative Information  Daily schedule  Restroom locations  Breaks and lunch  Emergency exit routes 

Introduction to Information Operations Attaché Corps- SEP 09

National Biosurveillance Integration System (NBIS) Prepared for: Biosurveillance Information Exchange Working Group February 22, 2006.

The French approach to CIIP ENISA workshop. Coordination of CIP in France ANSSI 2 A cross-ministerial issue The General Secretariat for Defense and National.

The U.S. Coast Guard’s Role in Cybersecurity

DHS, National Cyber Security Division Overview

Research and Educational Networking Information Analysis and Sharing Center (REN-ISAC) Mark S. Bruhn, Interim Director University Copyright.

InfraGard Update SSA John V. Gillies SA Matthew E. Morin.

CIAO July Critical Infrastructure Assurance Office Protecting America’s Cyberspace: Version 1.0 of the National Plan Jeffrey Hunker National.

National Space-Based Positioning, Navigation, and Timing (PNT) Federal Advisory Board DHS Challenges & Opportunities Captain Curtis Dubay, P.E. Department.

Critical Infrastructure Protection (and Policy) H. Scott Matthews March 5, 2003.

Critical Infrastructure Protection (and Policy) H. Scott Matthews March 25, 2004.

June 9, 2003 Updated July 2004 Slide 1 Critical Infrastructure Assurance: The US Experience.

Disaster Communications System (DCS) Overview for State and Local Governments National Conference on Emergency Communications (NCEC) Panel 5: State and.

Security Issues on Campus: Government Initiatives Rodney J. Petersen University of Maryland Educause/Internet2 Security Task Force Copyright Rodney J.

Food Safety and Inspection Service U.S. Department of Agriculture Homeland Security: Protecting the U.S. Food Supply Office of Food Security & Emergency.

Resiliency Rules: 7 Steps for Critical Infrastructure Protection.

Technician Module 2 Unit 8 Slide 1 MODULE 2 UNIT 8 Prevention, Intelligence & Deterrence.

Session 16: Distribution of Geospatial Data 1 Distribution of Geospatial Data in the Public Environment Hazard Mapping and Modeling.

US-CERT National Cyber Security Division/ U.S. Computer Emergency Readiness Team (US-CERT) Overview Lawrence Hale Deputy Director, US-CERT.

N ational I NFOSEC E ducation and T raining P rogram Educational Solutions for a Safer World http//

HOMELAND SECURITY ADVISORY SYSTEM. Established after the terrorist attacks on America September 11, 2001.

United States Coast Guard Port Security Assessment Program Evaluability Assessment LaKeshia Allen Alexandra Sommers May 2, 2005.

The U. S. National Strategy for Global Supply Chain Security Neema Khatri Office of International Affairs U.S. Department of Homeland Security.

Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013 DRAFT.

Homeland Security Advisory System protectivemeasures vulnerability responseFederal departments and agencies would implement a corresponding set of protective.

Cybersecurity and the Department of Justice Vincent A. Citro, Assistant United States Attorney July 9-10, 2014 Unclassified – For Public Use.

Isdefe ISXXXX XX Your best ally Panel: Future scenarios for European critical infrastructures protection Carlos Martí Sempere. Essen.

1 © 2003 Cisco Systems, Inc. All rights reserved. CIAG-HLS Security For Infrastructure Protection: Public-Private Partnerships KEN WATSON 15 OCT.

1 Information System Security Assurance Architecture A Proposed IEEE Standard for Managing Enterprise Risk February 7, 2005 Dr. Ron Ross Computer Security.

Slide 1 1 Explanation of ITTF Communications initiatives and the use of IREACH for health departments.

National Response Plan and DOI Mission Management Briefing for DOI Annual Business Conference Laurence I. Broun Departmental Emergency Coordinator Office.

CIP Program Highlights Member Representatives Committee October 28, 2008 Michael Assante, CSO

Introduction to the National Cybersecurity & Communications Integration Center (NCCIC) “A Partnership for Strength” 1.

Association of Defense Communities June 23, 2015

Critical Infrastructure Protection Overview Building a safer, more secure, more resilient America The National Infrastructure Protection Plan, released.

Information Sharing Challenges, Trends and Opportunities

The NIGF CONFERENCE © 2013 ADDRESSING THE VULNERABILITY OF CRITICAL ICT INFRASTRUCTURE by Ernest Ndukwe, OFR Chairman Openmedia Communications Ltd 18 th.

Status Report for Critical Infrastructure Protection Advisory Group

Role for Electric Sector in Critical Infrastructure Protection R&D Presented to NERC CIPC Washington D.C. June 9, 2005 Bill Muston Public Release.

Critical Infrastructure Assurance Office Presenter: Mike Lombard Globalization and Terrorism: Protecting the Digital Infrastructure June 7, 2002 U.S. Government.

InfraGard A Government and Private Sector Alliance Information sharing begins with human relationships – people talking with people whom they trust. Information.

A Global Approach to Protecting the Global Critical Infrastructure Dr. Stephen D. Bryen.

1 Washington State Critical Infrastructure Program “No security, No infrastructure” Infrastructure Protection Office Emergency Management Division Washington.

Governor’s Office of Homeland Security & Emergency Preparedness LOUISIANA BANKERS ASSOCIATION 2010 Louisiana Emergency Preparedness Coalition Meetings.

Infrastructure Protection

Security at FERC Energy Projects Energy Bar Association Mid-Year Meeting Robert J. Cupina, Deputy Director Office of Energy Projects Federal Energy Regulatory.

Created by: Ashley Spivey For Department of Homeland Security All information from:

What is “national security”?  No longer defined only by threat of arms  It really is the economy  Infrastructure not controlled by the government.

Cyber Storm Overview Wednesday 2/1/ PT. Cyber Storm Cyber Storm National Cyberspace Security Exercise Mandated in National Strategy to Secure Cyberspace.

Responsive Innovation for Disaster Mitigation Gordon A. Gow University of Alberta.

S3.1 session day 3 1 training delivered by Oxfam GB, RedR India and Humanitarian Benchmark; January 2012, Yangon, Myanmar approved by the Advisory.

INFORMATION ASSURANCE POLICY. Information Assurance Information operations that protect and defend information and information systems by ensuring their.

Dr Jenean Spencer Director Pandemic Preparedness Section Office of Health Protection Department of Health and Ageing Public-Private Partnerships for Pandemic.

Critical Infrastructure Protection Committee Report to NERC Standing Committees in Joint Session Long Beach, CA March 2005 Public Release.

1 Iowa Emergency Management Association Iowa Homeland Security and Emergency Management Department Emergency Management Program Development Course EMERGENCY.

Ken Watson 9 Sep 2003 Critical Infrastructure Assurance: Business Case for Public-Private Partnership Ken Watson 9 Sep 2003

INFORMATION SECURITY IN ARMENIA: PRESENT STATUS AND TASKS

Joint Force Headquarters-Michigan CCIRs and PIRs

California Cybersecurity Integration Center (Cal-CSIC)

Joint Force Headquarters-Michigan CCIRs and PIRs

Role for Electric Sector in Critical Infrastructure Protection R&D

NERC Critical Infrastructure Protection Advisory Group (CIP AG)

Presented by: Chief Dave Dato Wauconda Fire Department

Presentation transcript:

Unclassified  1 Critical Infrastructure Protection Chuck Whitley EMS User’s Group June 9, 1999

Unclassified  2 PDD-63 (May 22, 1998): President Clinton’s Goal “No later than the year 2000, the United States shall have achieved an initial operating capability and no later than (the year 2003) the United States shall have achieved and shall maintain the ability to protect our nation’s critical infrastructures from intentional acts that would significantly diminish the abilities of:  the Federal Government to perform essential national security missions and to ensure the general public health and safety;  state and local governments to maintain order and to deliver minimum essential public services;  the private sector to ensure the orderly functioning of the economy and the delivery of essential telecommunications, energy, financial and transportation services.”

Unclassified  3 National Infrastructure Protection Center –Its mission includes providing timely warnings of intentional threats and attacks, producing comprehensive analyses, and coordinating law enforcement investigation of and response to threats and attacks PDD-63, May 22, 1998: –The NIPC will provide a national focal point for gathering information on threats to infrastructures –The NIPC will support National Command Authority during a foreign-sponsored attack on U.S. interests

Unclassified  4 Information Flow PRIVATE SECTOR ISACs FED GOV’T WARNINGS ALERTS ADVISORIES INTERAGENCY INVESTIGATION ANALYSIS & WARNING WATCH CENTER COMPUTER INTRUSION INVESTIGATIONS USG DECISION MAKERS

Unclassified  5 NIPC Indications & Warnings Objective: It is the objective of the NIPC to develop a national-level system that provides timely, accurate, actionable warning of infrastructure threats and attacks.

Unclassified  6 NIPC Approach to Achieve Objectives Immediately develop a tactical warning system –Warn of threats and imminent attacks at the earliest possible time –Achieve in near term Ultimately develop a strategic warning system –Seeks to identify as early as possible dynamic features of a situation that may affect US interests –Requires participation of Intelligence and Law Enforcement communities, other government agencies, and the private sector –Development will proceed in parallel to tactical system

Unclassified  7 I&W Schedule Electric Power, Telecom initial Operations Electric Power, Telecom initial Operations PDD-63 IOC PDD-63 FOC

Unclassified  8 I&W Concept Infrastructure Owners & Operators NIPC Sector Lead Agencies Federal, State, & Local Law Enforcement Other Government Agencies Intelligence Community Department of Defense Warnings “Indicators”

Unclassified  9 When to Notify NIPC: General Guidelines ASAP after an infrastructure –Has had significant capability degraded Service disruption Core capability degraded (e.g., management / control functions) –Has potential to suffer significant damage or degraded capability If in doubt, err on the side of caution –Is subject to suspicious patterns of behavior or responses to control Anomalous technical attributes, timing, locations, etc.

Unclassified  10 Warning Outputs from NIPC NIPC will disseminate three types of messages: Initially, NIPC will disseminate these messages through existing communication channels Advisories will be issued as appropriate when new information on threats or vulnerability becomes available. Alerts will be issued when serious vulnerabilities or threats are uncovered that threaten infrastructure operations. Warnings will be issued when serious, confirmed vulnerabilities in one or more infrastructure sectors appear to be the focus of confirmed threat activity.

Unclassified  11 Reporting Criteria (Strawman) Critical electric power facilities –Control Centers Power Pools Control Areas (~ 150) Regional/Secuirty Coordinators (~ 22) Independent System Operators –Transmission Systems HV Substations ( > 230 kV) HV Lines ( > 230 kV)

Unclassified  12 Reporting Criteria (Strawman) Critical networks and systems –SCADA and Energy Management Systems –Networks and other systems used for generation and transmission control –Networks used for essential communications for system operation, control, and maintenance –NERCNet, including the InterRegional Secuirty Network (ISN)