Election Infrastructure Security: The How and Why of It Minnesota - - PowerPoint PPT Presentation

election infrastructure security the how and why of it
SMART_READER_LITE
LIVE PREVIEW

Election Infrastructure Security: The How and Why of It Minnesota - - PowerPoint PPT Presentation

Oct 03, 2022 284 likes •556 views

Election Infrastructure Security: The How and Why of It Minnesota ta County ty A Auditor E Election Training Conference May ay 3, 2 2018 Contents Elect ction I Infr fras astructure Se Secu curity O Overview Cy Cyber ber a

slide-1
SLIDE 1

Election Infrastructure Security: The How and Why of It

Minnesota ta County ty A Auditor E Election Training Conference

May ay 3, 2 2018

slide-2
SLIDE 2

Contents

  • Elect

ction I Infr fras astructure Se Secu curity O Overview

  • Cy

Cyber ber a and d Ph Physi sical S Sec ecurity S Ser ervi vices a and d Tool

  • ols

2

slide-3
SLIDE 3

Electio tion I Infras astructu ture S Security ity O Overvie view

slide-4
SLIDE 4

Elections: Critical to American Democracy

“Given the vital role elections play in this country, it is clear that certain systems and assets of election infrastructure meet the definition of critical infrastructure, in fact and in law.” – DHS Election Infrastructure Designation Statement, Jan. 6, 2017

Cr Critical in infrastructure is is de defin ined as: as:

“Systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters.”

4

slide-5
SLIDE 5

Election

  • ns S

s Syst stems: ms: A Designated Critical Infrastructure

Unique designation that provides for a basis for the Department of Homeland Security and other federal agencies to:

  • Recognize the importance of these systems,
  • Prioritize services and support to enhancing security for such

infrastructure,

  • Afford the elections community an opportunity to work with each
  • ther and with the Federal Government, through government and

private sector coordinating councils, and

  • Communicate to the global community our intention to hold those

responsible who attack these systems as violating international norms.

5

slide-6
SLIDE 6

DHS HS E Emp mploys A A “Whol

  • le of
  • f Nation
  • n” A

Approach

Securing election infrastructure is a national priority and no one entity can be successful working alone ― it takes a “whole of nation” approach.

Federal Agencies Ac Academi mia Stat ate an e and Local Go Gov Private Secto tor

Just as most critical infrastructure is not federally owned or managed, election infrastructure is outside federal control. DHS values and builds partnerships based on a foundation of trust and information sharing.

6

slide-7
SLIDE 7

Par artnership ips: Crit itical Fo al Force Mu Mult ltip ipli lier

DHS, S, w with t the U U.S.

  • S. E

Electio ion A Assis istan ance C Commiss mmissio ion:

  • Established the Election Critical Infrastructure Working Group

(ECIWG) that brought together key federal, state, county, and local

  • fficials to plan subsector formation and prepare stakeholders to

identify and mitigate risk to election infrastructure.

Collaborat atio ion a and coordin dinat atio ion a are e esse sential ial:

  • DHS’s National Protection and Programs Directorate (NPPD) seeks

to partner and collaborate with all election community members and established multiple standing coordination meetings with

  • ther Federal interagency and State and local election officials on

partnership formation questions and recommendations.

7

slide-8
SLIDE 8

Coor

  • ordinating C

Cou

  • uncils: Sec

ector S Suppo pport t Forums ums

Governme ment C Coordin inat atin ing Counci cils

  • Enable agency and cross-jurisdictional coordination by

various levels of government – federal, state, local, or tribal, as appropriate Secto tor Coordin dinat atin ing Co Councils

  • Enable critical infrastructure owners and operators, their

trade associations, and other industry members to interact on a wide range of sector-specific strategies, policies, and activities.

8

slide-9
SLIDE 9

Election Infrastructure Subsector GCC

Feder ederal, state, e, and local g gover ernmen ent p partners formed med the e Election Infrastructure Subsec ector GCC (EIS S GCC) ) and met et f for the e first time me in Atlan lanta, Oc October 2017.

  • Formation was a milestone in multi-level government cooperation and

bolstered election infrastructure security and resiliency.

EIS G GCC: CC:

  • Enables partners to leverage information sharing; physical/cyber

products, resources, and capabilities; and collective expertise.

  • Is a 27-member group, 24 of which are state and local election officials.
  • Is led by a five-member Executive Committee (Chair: DHS/NPPD; EAC; a

Secretary of State; a state election director; and a local election director) which meets bi-weekly.

  • Met again in Washington, D.C., on February 15, 2018.

9

slide-10
SLIDE 10

Election Infrastructure Subsector CC

Private s sector s

  • r stakehold

holders f formed t the E Election Infrast astructure S Subse sector C Coordin inat atin ing C Council il ( (EISCC SCC) a and he held ld f first m meeting F Febru ruary 2 2018. .

  • Led by a five-member Executive Committee.

EISCC SCC r respo ponsib sibil ilit itie ies i s include de:

  • Serve as the primary liaison between the subsector

and government on election security and emergency preparedness.

  • Facilitate information and intelligence sharing.
  • Coordinate with DHS and the EIS GCC to develop,

recommend and review sector-wide plans, procedures.

10

slide-11
SLIDE 11

DHS HS W Wor

  • rks W

With A A Variety Of State a and Loc Local P Partners

DHS w work rks w with p h partners i in all l levels ls o

  • f govern

rnment: :

11

slide-12
SLIDE 12

Federal Pa Partners

DHS w works wit with n nume merous F Fede deral par partners, in including ag agencies in involved in d in election pr processes:

  • Department of Defense (DoD) Federal Voting Assistance Program (FVAP)
  • U.S. Election Assistance Commission (EAC)
  • Federal Bureau of Investigation (FBI)
  • National Institute of Standards and Technology (NIST)
  • Office of the Director of National Intelligence (ODNI)

12

slide-13
SLIDE 13

Cyber a er and P Physi sical Securi rity Servic vices a and Tools

slide-14
SLIDE 14

DHS E Electi tion I Infrastr tructu ture S e Ser ervices

DHS offers a broad range of services and programs to help secure election infrastructure. Services and programs are free, and all are voluntary and provided upon request. Contact Cybersecurit ity A y Advisors ( s (CSAs) s) or Pr Protec ective S e Secur ecurity Adviso sors ( s (PSAs As) to identify a CSA or PSA for you, and to discuss how to select, prioritize, and sequence available services and educational programs based on specific needs.

  • To contact CSAs, email: cyberadvisor@hq.dhs.gov
  • To contact PSAs, email: NICC@hq.dhs.gov

14

slide-15
SLIDE 15

24/7 cybersecurity operations centers that maintain close coordination among the private sector, government officials, the intelligence community, and law enforcement to provide situational awareness and incident response, as appropriate.

Conta tact t Information

For more information on DHS cyber programs, visit www.dhs.gov/cyber For access to the full range of DHS cyber resources, email SLTTCyber@hq.dhs.gov To become an EI-ISAC member, visit https://learn.cisecurity.org/ei-isac-registration

Cybe bersecurity ty Service C e Center ers

15

slide-16
SLIDE 16

Needs DH DHS S Servi vices Summa mmary

Iden enti tify a and L Limit t Vulnerabi bili lities Cybe ber H Hygiene S Scan anning Broadly assess Internet-accessible systems for known vulnerabilities and configuration errors on a persistent basis. As potential issues are identified DHS works with impacted stakeholders to mitigate threats and risks to their systems prior to their exploitation. Risk and V Vulnerab abili lity Assessme sment (RVA)

  • Penetration testing
  • Social engineering
  • Wireless access discovery
  • Database scanning
  • Operating system scanning

Phishing C g Campa paign gn Assessme sment

  • Measures susceptibility to email attack
  • Delivers simulated phishing emails
  • Quantifies click-rate metrics over a 10-week period

Su Summar ary of

  • f DH

DHS S Service ces: s:

Cyberse secur urity A Assessme ssments s (Sl

Slide 1 o 1 of 2) f 2)

16

slide-17
SLIDE 17

Needs DH DHS S Servi vices Summa mmary

Cyber R Ris isk a and IT Secu curity P y Program Assessme sment Cybe ber R Resili lience R Review (CRR CRR) One-day, onsite engagement conducted on an enterprise- wide basis to give insight on areas of strength and weakness, guidance on increasing organizational cybersecurity posture, preparedness, and ongoing investment strategies. External D al Dependencies Manageme ment A Assess ssme ment Assesses activities and practices used by an organization to manage risk arising from external dependencies that constitute the information and communication technology service supply chain. Cyber I Infrastructure S Survey y (C (CIS IS) Assesses an organization’s implementation and compliance with more than 80 cybersecurity controls.

Su Summar ary of

  • f DH

DHS S Service ces: s:

Cyberse secur urity A Assessme ssments s (Sl

Slide 2 o 2 of 2) f 2)

17

slide-18
SLIDE 18

Needs DH DHS S Servi vices Summa mmary

Physical S al Security IP A Active ve Shoote ter Prepare redness P Pro rogram Provides a comprehensive set of resources to position public and private sector organizations to reduce the impacts of an active shooter event. Includes in-person training, online training, and educational resources. For

  • r m

mor

  • re in

information, c con

  • ntact ASWorksho

hop@hq hq.d .dhs hs.g .gov or

  • r

visi sit www.d .dhs hs.g .gov/active-sho hooter-pr prepa paredne ness IP Un Unman anned A Aircraf aft System ( (UAS) I Initiative Addresses threats posed to critical infrastructure from emergent adversary use of UAS. Offers policies and risk mitigation solutions for safe, secure, and beneficial use of UAS, associated countermeasures, and cyber/physical emerging technology analysis. For

  • r m

mor

  • re in

information, c con

  • ntact IP

IP-UAS@h @hq.d .dhs.g .gov

Su Summar ary of

  • f DH

DHS S Service ces: s:

Physi sical S Secur urity I Initiatives s (Sl

Slide 1 1 of f 2) 2)

18

slide-19
SLIDE 19

Needs DH DHS S Servi vices Summa mmary

Physical S al Security IP S P Soft Target S Secu curity y Initiat ative Provides national leadership on technology, standards, and best practices to demonstrably reduce the risk of successful attacks on soft targets. Serves as a foundation for DHS-wide resources available to support the critical infrastructure community in securing soft targets. For m more i inf nformation, n, c cont ntact IP IP-SoftTargetSecurity@hq @hq.dhs hs.g .gov

Su Summar ary of

  • f DH

DHS S Service ces: s:

Physi sical S Secur urity I Initiatives s (Sl

Slide 2 2 of f 2) 2)

19

slide-20
SLIDE 20

Needs DH DHS S Servi vices Summa mmary

Iden enti tify a and L Limit t Vulnerabi bili lities Assi ssist V Visit (A (AV) On-site engagement to inform and educate owners and

  • perators on threats from terrorism, the criticality of

their facilities, and available Office of Infrastructure Protection (IP) and DHS resources. Infrastruct cture Survey T Tool ( (IST) T) Facilitated survey to identify and document critical infrastructure overall security and resilience, and provide information for protective measures planning and resource allocation. Hometown S Secu curity y Source for providing tools and resources to protect public-gathering venues.

Su Summar ary of

  • f DH

DHS S Service ces: s:

Physi sical A Asse sessme ssments

To learn more about our products and services, please visit https://www.dhs.gov/ecip and https://www.dhs.gov/hometown-security.

20

slide-21
SLIDE 21

Needs DH DHS S Servi vices Summa mmary

Detect Network rk Threats Cybe ber T Threat H Hunting Utilizes advanced hunting capabilities to identify adversary presence in a network that evades traditional security controls. For

  • r m

mor

  • re in

information, c call (888 888) 282 282-0870 Enhance N Network rk Protectio ion Enhan anced C Cybe ber S Services (ECS CS) Intrusion prevention service to augment, not replace, existing cybersecurity capabilities. Leverages sensitive and classified cyber threat indicators to block malicious traffic from entering customer networks. Service

  • fferings, available through accredited commercial

service providers, include:

  • Domain Name Service (DNS) Sinkholing
  • Email (SMTP) Filtering
  • Netflow Analysis

For

  • r m

mor

  • re in

information, v vis isit www.d .dhs hs.g .gov/enha hanced-cyb cybersecurity-services

Su Summar ary of

  • f DH

DHS S Service ces: s:

Cyb yber De Detec ect a and Pr d Prevent

21

slide-22
SLIDE 22

Needs DH DHS S Servi vices Summa mmary

Cybe ber A Alerts a and Advisor

  • ries

National al C Cybe ber A Awar areness Sys System (NCAS) S) Timely information about security topics and threats subscription to a mailing list. NCCIC provides current activity, alerts, bulletins, and security tips to stakeholders. For

  • r m

mor

  • re in

information, v vis isit www. w.us-cert/go gov/nc ncas Collab llabor

  • rat

ation

  • n

Homela land S Security Infor

  • rmat

ation

  • n N

Networ

  • rk

(HSIN IN) The NCCIC portal provides stakeholders a platform to securely collaborate and share cybersecurity information, threat analysis and products within trusted communities

  • f interest.

For

  • r m

mor

  • re in

information, c con

  • ntact

HSIN.O .Outreach@ h@hq hq.d .dhs.g s.gov Con

  • nnect t

to

  • HSIN a

at https://au auth.dhs.gov/oam am/hsinlog login/HSINL NLogin

Su Summar ary of

  • f DH

DHS S Service ces: s:

Cyber I Informat ation S Shar aring & & Awar areness

22

slide-23
SLIDE 23

Needs DH DHS S Servi vices Summa mmary

Analysi sis o s of Mali licious C Code Advanced M Malw lwar are Anal alysis C Center Provides 24/7 dynamic analyses of malicious code. Stakeholders submit samples via an online website and receive a technical document outlining the results of the analysis. Experts will detail recommendations for malware removal and recovery activities. This service can be performed in concert with Incident Response services, should the incident warrant the need. To s

  • submit m

malw lwar are f for a analy alysis, v visit www.ma .malware.u .us-cert.go gov Mitigat ation a and Recovery Incident Response Provides 24/7 intrusion analysis in response to a cyber incident Dispatches skilled personnel when a cyber incident occurs to assist in identifying malicious actors, technical analysis, containment, mitigation guidance, and post-incident recovery. Report t an i incident, t, a at www. w.us-cert.go gov/forms/repo port For

  • r m

mor

  • re in

information, v vis isit www www.us-cert.gov

Su Summar ary of

  • f DH

DHS Service ces: s:

CyberIncident R Resp spon

  • nse

se

23

slide-24
SLIDE 24
  • Provides cybersecurity support to SLTT governments.
  • Furthers DHS efforts to secure cyberspace by distributing early

warnings of cyber threats to SLTT governments.

  • Shares security incident information and analysis.
  • Runs a 24/7 watch and warning security operations center.
  • Operates a

an n el elec ections-specific threa eat warning c cen enter, t the E e Elec ection Infrastr tructu ture-ISAC

  • AC. To
  • join t

the E e EI-ISAC, C, go t

  • to
  • EI-ISAC

AC R Registration

  • Funded by DHS.

For more information, visit https://www.cisecurity.org/ms-isac.

24

slide-25
SLIDE 25

For m more i informa mati tion:

Conta tact D t Detail ails: s:

Glenn Sanders – DHS PSA Minnesota Glenn.Sanders@hq.dhs.gov Mike Christianson – DHS PSA Minnesota Michael.Christianson@hq.dhs.gov Tony Enriquez – DHS CSA – Region 5 Antonio.Enriquez@hq.dhs.gov

Visit t it the E Electio tion Security ity we webpage:

See also: https://www.dhs.gov/topic/election-security