Presentation is loading. Please wait.

Presentation is loading. Please wait.

SECR 5140-FL Critical Infrastructure Protection Dr. Barry S. Hess Spring 2 Semester Week 3: 1 April 2006.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "SECR 5140-FL Critical Infrastructure Protection Dr. Barry S. Hess Spring 2 Semester Week 3: 1 April 2006."— Presentation transcript:

1 SECR 5140-FL Critical Infrastructure Protection Dr. Barry S. Hess Spring 2 Semester Week 3: 1 April 2006

2 2 Class Website Class Info http://home.covad.net/~bshess/ Contact info barry.hess@gmail.com 571.237.3418

3 3 Agenda Make-up Presentations Student Presentations National Strategy to Secure Cyberspace Discussion

4 Presentations

5 National Strategy to Secure Cyberspace White House Office of Homeland Security February 2003

6 6 Strategic Objectives Prevent cyber attacks against America’s critical infrastructures; Reduce national vulnerability to cyber attacks; and Minimize damage and recovery time from cyber attacks that do occur.

7 7 Critical Priorities for Cyberspace Security I.A National Cyberspace Security Response System; II.A National Cyberspace Security Threat and Vulnerability Reduction Program; III.A National Cyberspace Security Awareness and Training Program; IV.Securing Governments’ Cyberspace; and V.National Security and International Cyberspace Security Cooperation.

8 8 Cyber Security Research and Development Act (Public Law 107-305) Signed by President Bush on 27 November 2002 Authorized over $900M over five years to the National Science Foundation (NSF) and the National Institute of Standards and Technology (NIST) Funding will: Improve basic research in computer security Encourage partnerships between industry and academia Generate a new cybersecurity workforce

9 9 Information Sharing and Analysis Centers (ISACs) Sharing Information to Protect the Economy Develop ways of better protect our critical infrastructures and to help minimize vulnerabilities, DHS established ISACs to allow critical sectors to share information and work together to help better protect the economy http://www.dhs.gov/dhspublic/display?theme=73 &content=1375 http://www.dhs.gov/dhspublic/display?theme=73 &content=1375

10 10 Computer Emergency Response Team/Coordination Center (CERT/CC) Identified computer security—increased significantly from 2000 to 2002, going from 1,090 to 4,129

11 11 Cyberspace Vulnerabilities Source: CERT/CC

12 12 Guiding Principles A National Effort Coordination and cooperation between federal, state, and local governments and the private sector is key to success Protect Privacy and Civil Liberties Enhanced cyber security is not an anathema to personal privacy rights Regulation and Market Forces Balance between government edicts and what commercial markets can do Accountability and Responsibility: National Strategy to Secure Cyberspace Assigns single agency to lead cyber security initiative Ensure Flexibility As threat evolves so must our planning and capabilities Multi-Year Planning On-going process that must be updated and refreshed as new technologies arrive on market

13 13 Priority I: A National Cyberspace Security Response System  Major Actions and Initiatives 1.Establish a public-private architecture for responding to national- level cyber incidents; 2.Provide for the development of tactical and strategic analysis of cyber attacks and vulnerability assessments; 3.Encourage the development of a private sector capability to share a synoptic view of the health of cyberspace; 4.Expand the Cyber Warning and Information Network to support the role of DHS in coordinating crisis management for cyberspace security; 5.Improve national incident management; 6.Coordinate processes for voluntary participation in the development of national public-private continuity and contingency plans; 7.Exercise cybersecurity continuity plans for federal systems; and 8.Improve and enhance public-private information sharing involving cyber attacks, threats, and vulnerabilities.

14 14 Priority II: A National Cyberspace Security Threat and Vulnerability Reduction Program  Major Actions and Initiatives 1.Enhance law enforcement’s capabilities for preventing and prosecuting cyberspace attacks; 2.Create a process for national vulnerability assessments to better understand the potential consequences of threats and vulnerabilities; 3.Secure the mechanisms of the Internet by improving protocols and routing; 4.Foster the use of trusted digital control systems/supervisory control and data acquisition systems; 5.Reduce and remediate software vulnerabilities; 6.Understand infrastructure interdependencies and improve the physical security of cyber systems and telecommunications; 7.Prioritize federal cybersecurity research and development agendas; and 8.Assess and secure emerging systems

15 15 Priority III: A National Cyberspace Security Awareness and Training Program  Major Actions and Initiatives 1.Promote a comprehensive national awareness program to empower all Americans—businesses, the general workforce, and the general population—to secure their own parts of cyberspace; 2.Foster adequate training and education programs to support the Nation’s cybersecurity needs; 3.Increase the efficiency of existing federal cybersecurity training programs; and 4.Promote private-sector support for well-coordinated, widely recognized professional cybersecurity certifications.

16 16 Priority IV: Securing Governments’ Cyberspace  Major Actions and Initiatives 1.Continuously assess threats and vulnerabilities to federal cyber systems; 2.Authenticate and maintain authorized users of federal cyber systems; 3.Secure federal wireless local area networks; 4.Improve security in government outsourcing and procurement; and 5.Encourage state and local governments to consider establishing information technology security programs and participate in information sharing and analysis centers with similar governments.

17 17 Priority V: National Security and International Cyberspace Security Cooperation  Major Actions and Initiatives 1.Strengthen cyber-related counterintelligence efforts; 2.Improve capabilities for attack attribution and response; 3.Improve coordination for responding to cyber attacks within the U.S. national security community; 4.Work with industry and through international organizations to facilitate dialogue and partnerships among international public and private sectors focused on protecting information infrastructures and promoting a global “culture of security;” 5.Foster the establishment of national and international watch-and- warning networks to detect and prevent cyber attacks as they emerge; and 6.Encourage other nations to accede to the Council of Europe Convention on Cybercrime, or to ensure that their laws and procedures are at least as comprehensive.

18 Discussion

19 19 Discussion Questions Is the federal government doing enough to protect the critical infrastructure? What is the role of state and local governments in protecting the critical infrastructure?

20 20 Discussion Questions Does the war on terrorism have a cyber component? Are we currently engaged in cyber war?

21 Assignment for Week 4

22 22 Briefing Assignment Prepare and present a fifteen minute discussion on what your chosen topic question Cite sources

23 23 Topic Questions 1. What is the National Science Foundation doing for critical infrastructure protection? 2. What is the Defense Advanced Research Projects Agency doing for critical infrastructure protection? 3. What is the Institute for Information Infrastructure Protection (I3P)? 4. What is Public Key Infrastructure (PKI)? 5. What is Intrusion Detection and how does it work? 6. How does the Domain Name System (DNS) work? 7. How does a Virtual Private Network (VPN) work? 8. What is IP spoofing and why do we care? 9. How does Secure Sockets Layer (SSL) work? 10. What is the Honey Net Project? 11. Who is Kevin Mitnick and why do we care? 12. What is a White Hat Hacker? 13. What is the difference between a hacker and a cracker? 14. What is the Electronic Frontier Foundation (EFF)?

24 24 Additional Readings for Week 4 The Cyber-Intifada: Activism, Hactivism, and Cyber-Terrorism in the Context of the “New Terrorism” Georgetown University The Cyber-Posture of the National Information Infrastructure RAND Corporation

Download ppt "SECR 5140-FL Critical Infrastructure Protection Dr. Barry S. Hess Spring 2 Semester Week 3: 1 April 2006."

Similar presentations

Philippine Cybercrime Efforts

Philippine Cybercrime Efforts
International Telecommunication Union An Insight into BDT Programme 3 Marco Obiso ICT Applications and Cybersecurity Division Telecommunication Development.

International Telecommunication Union An Insight into BDT Programme 3 Marco Obiso ICT Applications and Cybersecurity Division Telecommunication Development.
AFCEA DC Cyber Security Symposium Military Joint Cyber Command Panel Harry Raduege Lieutenant General, USAF (Ret) Chairman, Center for Network Innovation.

AFCEA DC Cyber Security Symposium Military Joint Cyber Command Panel Harry Raduege Lieutenant General, USAF (Ret) Chairman, Center for Network Innovation.
Homeland Security at the FCC July 10, 2003. FCCs Homeland Security Focus Interagency Partnerships Industry Partnerships Infrastructure Protection Communications.

Homeland Security at the FCC July 10, FCCs Homeland Security Focus Interagency Partnerships Industry Partnerships Infrastructure Protection Communications.
International Telecommunication Union Developing a Cybersecurity Strategy that Supports National Policy Goals “Regional Arab Forum on Cybersecurity,” Giza.

International Telecommunication Union Developing a Cybersecurity Strategy that Supports National Policy Goals “Regional Arab Forum on Cybersecurity,” Giza.
ENISA Cyber Security Strategies Workshop November 27, 2014 Brussels

ENISA Cyber Security Strategies Workshop November 27, 2014 Brussels
CUBIC DEFENSE APPLICATIONS Security Summit Discussions Jeff Snyder Vice President, Cyber Programs Cubic Defense Applications.

CUBIC DEFENSE APPLICATIONS Security Summit Discussions Jeff Snyder Vice President, Cyber Programs Cubic Defense Applications.
David A. Brown Chief Information Security Officer State of Ohio

David A. Brown Chief Information Security Officer State of Ohio
National Infrastructure Protection Plan

National Infrastructure Protection Plan
1 NGA Regional Bio-Terrorism Conference Boston, Massachusetts January 12-13, 2004.

1 NGA Regional Bio-Terrorism Conference Boston, Massachusetts January 12-13, 2004.
The U.S. Coast Guard’s Role in Cybersecurity

The U.S. Coast Guard’s Role in Cybersecurity
Cyber Security R&D Challenges: A Homeland Security Perspective Simon Szykman, Ph.D. Director, Cyber Security R&D 202-254-5802.

Cyber Security R&D Challenges: A Homeland Security Perspective Simon Szykman, Ph.D. Director, Cyber Security R&D
Cyberterrorism. Critical Infrastructure Vulnerability.

Cyberterrorism. Critical Infrastructure Vulnerability.
DHS, National Cyber Security Division Overview

DHS, National Cyber Security Division Overview
Cyber Security: Past and Future John M. Gilligan CERT’s 20 th Anniversary Technical Symposium Pittsburgh, PA www.gilligangroupinc.com March 10, 2009.

Cyber Security: Past and Future John M. Gilligan CERT’s 20 th Anniversary Technical Symposium Pittsburgh, PA March 10, 2009.
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
CIAO.0209 - July 99 - 1 Critical Infrastructure Assurance Office Protecting America’s Cyberspace: Version 1.0 of the National Plan Jeffrey Hunker National.

CIAO July Critical Infrastructure Assurance Office Protecting America’s Cyberspace: Version 1.0 of the National Plan Jeffrey Hunker National.
PPA 573 – Emergency Management and Homeland Security Lecture 9b - Department of Homeland Security Strategic Plan.

PPA 573 – Emergency Management and Homeland Security Lecture 9b - Department of Homeland Security Strategic Plan.
Cyberspace and the Police Mamoru TAKAHASHI Head of Computer Forensic Center, Hi-tech Crime Technology Division National Police Agency, Japan.

Cyberspace and the Police Mamoru TAKAHASHI Head of Computer Forensic Center, Hi-tech Crime Technology Division National Police Agency, Japan.
(Geneva, Switzerland, September 2014)

(Geneva, Switzerland, September 2014)

Similar presentations

Ads by Google