Proprietary Information of BearingPoint Inc. | Copyright 2005 BearingPoint Inc. All rights reserved. America’s First National Critical Infrastructure Exercise.

Slides:



Advertisements
Similar presentations
Business Continuity Training & Awareness by Sulia Toutai (ANZ)
Advertisements

NOTE: To change the image on this slide, select the picture and delete it. Then click the Pictures icon in the placeholde r to insert your own image. Cybersecurity.
[Exercise Name] Functional Exercise Player Briefing [Location] [Date] [Logo Here]
GAMMA Overview. Key Data Grant Agreement n° Starting date: 1 st September 2013 Duration: 48 months (end date 31 st August 2017) Total Budget:
EDS Public Information Tabletop Exercise
DHS, National Cyber Security Division Overview
National Protection and Programs Directorate Department of Homeland Security The Office of Infrastructure Protection Cybersecurity Brief [Date of presentation]
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
Framework for Improving Critical Infrastructure Cybersecurity NIST Feb 2014.
Greg Shaw How do we turn private sector preparedness into an investment rather than a cost of doing.
PPA 573 – Emergency Management and Homeland Security Lecture 9b - Department of Homeland Security Strategic Plan.
Unit 8: Tests, Training, and Exercises Unit Introduction and Overview Unit objectives:  Define and explain the terms tests, training, and exercises. 
IS-0700.A: National Incident Management System, An Introduction
James Ennis, Department of State, USA ITU-D Question 22/1 Rapporteur.
EDS Tactical Communication Tabletop Exercise [Exercise Location] [Exercise Date] [Insert Logo Here]
Crisis Management Planning Employee Health Safety and Security Expertise Panel · Presenter Name · 2008.
Control environment and control activities. Day II Session III and IV.
Resiliency Rules: 7 Steps for Critical Infrastructure Protection.
National Response Framework
Part of a Broader Strategy
Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013 DRAFT.
October 27, 2005 Contra Costa Operational Area Homeland Security Strategic and Tactical Planning and Hazardous Materials Response Assessment Project Overview.
Unit 5:Elements of A Viable COOP Capability (cont.)  Define and explain the terms tests, training, and exercises (TT&E)  Explain the importance of a.
“Building sustainable capabilities across all phases of Emergency Management in Kansas through selfless service” KDEM EMPG 2012 OVERVIEW 13 September 2011.
PAR CONFERENCE Homeland Defense A Provider’s Perspective Lessons from TMI Dennis Felty November 15, 2001.
Japanese Government’s Efforts to Address Information Security Issues October, 2007 National Information Security Center (NISC)
Dam Hazard Consequences Assessment
EDS Inventory Management Tabletop Exercise [Exercise Location] [Exercise Date] [Insert Logo Here]
BOTSWANA NATIONAL CYBER SECURITY STRATEGY PROJECT
EDS Incident Command System Tabletop Exercise [Exercise Location] [Exercise Date] [Insert Logo Here]
Critical Infrastructure Protection Overview Building a safer, more secure, more resilient America The National Infrastructure Protection Plan, released.
Critical Infrastructure Protection: Program Overview
Background, Purpose, and Value of Exercises. 9/11 has changed water system security requirements Continued training for intentional incidents is critical.
Homeland Security Grant Program 2015 Process Michelle Hanneken Illinois Emergency Management Agency.
Role for Electric Sector in Critical Infrastructure Protection R&D Presented to NERC CIPC Washington D.C. June 9, 2005 Bill Muston Public Release.
Jerry Cochran Principal Security Strategist Trustworthy Computing Group Microsoft Corporation.
S/L/T Version 1 National Response Framework Overview for Local, Tribal and State Audiences January 22, 2008.
IT Strategy for Business © Oxford University Press 2008 All rights reserved Chapter 12 IT Security Strategies.
[Exercise Name] Full Scale Exercise Player Briefing [Location] [Date] [Logo Here]
℠ Pryvos ℠ Computer Security and Forensic Services May 27, 2015 Copyright © 2015 Pryvos, Inc. 1.
PS Version 1 National Response Framework Overview for Private Sector Audiences January 22, 2008.
© 2010 AT&T Intellectual Property. All rights reserved. AT&T, AT&T logo and all other marks contained herein are trademarks of AT&T Intellectual Property.
NATIONAL INCIDENT MANAGEMENT SYSTEM (NIMS)
Erman Taşkın. Information security aspects of business continuity management Objective: To counteract interruptions to business activities and to protect.
SNS Planning Elements Tabletop Exercise [Exercise Location] [Exercise Date] [Insert Logo Here]
Revision N° 11ICAO Safety Management Systems (SMS) Course01/01/08 Module N° 9 – SMS operation.
Business Continuity Disaster Planning
Homeland Security, First Edition © 2012 Pearson Education, Inc. All rights reserved. Overview of National Infrastructure Protection CHAPTER 3.
Sicherheitsaspekte beim Betrieb von IT-Systemen Christian Leichtfried, BDE Smart Energy IBM Austria December 2011.
Corrective Action Programs. 2 HSEEP Homeland Security Exercise and Evaluation Program Provides a common exercise policy and program guidance that constitutes.
TM Rosemarie Day, President Sarah Matousek, Consultant.
SEC 480 assist Expect Success/sec480assistdotcom FOR MORE CLASSES VISIT
March 23, 2015 Missouri Public Service Commission | Jefferson City, MO.
NATIONAL INCIDENT MANAGEMENT SYSTEM (NIMS)
Iowa Communications Alliance
Crisis management related research at
INFORMATION SECURITY IN ARMENIA: PRESENT STATUS AND TASKS
Critical Infrastructure Protection Policy Priorities
NIST Cybersecurity Framework
Security challenges in the Balkans
America’s First National Critical Infrastructure Exercise
Protective Security Advisor Program Brief
2017 Health care Preparedness and Response Draft Capabilities
Role for Electric Sector in Critical Infrastructure Protection R&D
John M. Felker Director, NCCIC.
Cybersecurity ATD technical
Introduction to: National Response Plan (NRP)
Copyright © 2012, Elsevier Inc. All rights Reserved.
Business Continuity Program Overview
Cyber Security in a Risk Management Framework
Presentation transcript:

Proprietary Information of BearingPoint Inc. | Copyright 2005 BearingPoint Inc. All rights reserved. America’s First National Critical Infrastructure Exercise Mr. Mark Gembicki, National Managing Director Critical Infrastructure Resiliency Practice | Public Release

1 Proprietary Information of BearingPoint Inc. | Copyright 2005 BearingPoint Inc. All rights reserved. Background n To date, no exercise has been conducted by, or for, the Private Sector n Government exercises reflect the needs and requirements of the “government” n Organization plans, policies, and procedures are not adequately assessed or evaluated in current government exercises dealing with critical infrastructures

2 Proprietary Information of BearingPoint Inc. | Copyright 2005 BearingPoint Inc. All rights reserved. Objectives n Conduct a private sector exercise n Improve relationships among and between key stakeholders n Exercise threat scenarios against operational aspects of the electrical grid n Provide an infrastructure for organizations to self test and evaluate organizational plans, policies, and procedures n Capture performance data to evaluate Critical Infrastructure Resiliency metrics and models – U.S. comparison against other countries n Identify key successes and failures n Allow for a natural response to scenarios – inaction as well as action is evaluated n Consider both socio-economic and national security impact n Articulate benefits for preventative security

3 Proprietary Information of BearingPoint Inc. | Copyright 2005 BearingPoint Inc. All rights reserved. Overview n Funded by the private sector n All exercise data will be protected under multi-party non-disclosure agreements n Exercise will simulate and maintain perspective between parties n All information will be treated as sensitive but unclassified information n Participants will play at the location from which they would most likely respond to a cyber event n “Functional” exercise- simulating a real time emergency scenario using real people and equipment to test plans and procedures n Conducted with a comprehensive “hot wash” and after action analysis report available to all participants

4 Proprietary Information of BearingPoint Inc. | Copyright 2005 BearingPoint Inc. All rights reserved. General Framework of Scenario n Scenario and General Framework: NCIE will use a common series of scenario and varying perspectives for all players that would a) produce a response, and b) resemble possible attacks directed toward participants n The draft framework includes four stages: Stage 1: Situational Awareness - Background information on an emerging threat/vulnerability will be provided to assess organizational incident detection capabilities Stage 2: Crisis Identification - Increased activity will be presented in an escalating fashion Stage 3: Business Impact - Activity will cause a series of business impacts to trigger contingency plans Stage 4: Recovery - Activities should diminish and begin the recovery/restoration process to “normal” conditions

5 Proprietary Information of BearingPoint Inc. | Copyright 2005 BearingPoint Inc. All rights reserved. Participant Benefits n Participants are provided with a stable framework to exercise and self evaluate organizational capabilities to respond to security events n Improved understanding of social, economic, and national security impacts as well as a way to measure them against stakeholder equity and “Duty of Care” principles n Opportunity to provide recommendations to the Department of Homeland Securities, Science & Technology directorate for future R&D spending n Establish and/or improve relationships for future response situations n Ensure plans are accurate, up to date and understood n Test core emergency response personnel n Identify success/weakness in organizational policies with tangible improvements identified n Increased awareness of attacks and effects n Participation in follow-on exercises across remaining critical infrastructures

6 Proprietary Information of BearingPoint Inc. | Copyright 2005 BearingPoint Inc. All rights reserved. Critical Dates Completion of Final Exercise Plan: September 23, 2005 Concepts and Objectives Meeting Date:May 23, 2005 Initial Plan Completed:June 24, 2005 Initial Planning Conference:July 11, 2005 Mid-Planning Conference: August 30, 2005 Final Planning Conference: September 8, 2005 Exercise Execution Date: October 18-19, 2005 Interim Findings Report:November 7, 2005 After Action Reports:December 16, 2005

7 Proprietary Information of BearingPoint Inc. | Copyright 2005 BearingPoint Inc. All rights reserved. NCIE Points of Contact Exercise Director Mr. Mark Gembicki Phone: Program Manager Mr. Joe Albaugh Phone: Exercise Advisor Mr. Amit Yoran Phone: Program Manager Ms. Jacklyn Blecker Phone:

8 Proprietary Information of BearingPoint Inc. | Copyright 2005 BearingPoint Inc. All rights reserved.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.