February 2018 Section Meeting Welcome Aboard


  1. February 2018 Section Meeting

  2. Welcome Aboard. Say Hello to our New Sponsor

  3. Thank You to All of Our Sponsors!

  4. Upcoming Section Meetings
     - March 13th: Building the First "Steamship" in History
     - Future Dates: April 10th, May 8th, June 5th, July 10th, August 7th
     - Topics/Speakers in Development:
       - Ethics with LAPELS - April or May
       - Nick Sands - June
       - Paul Gruhn - tbd
       - Champion Technologies - tbd
       - Petrotech - tbd
       - Process Solutions - tbd

  5. Other Upcoming ISA Activities
     - District 7 Leadership Meeting
       - April 20-21
       - Galveston, TX
       - Topics on Agenda
         - How to bring new leadership in the local sections
         - Sponsorship best practices, to be presented by Dean Bickerton
         - Using technology such as web-based meetings

  6. Cybersecurity and ISA. ISA is the developer and applications-focused thought leader behind the world's only consensus-based industrial cybersecurity standard. ISA's approach to the cybersecurity challenge is holistic, bridging the gap between operations and information technology; and between process safety and cybersecurity.

  7. Cybersecurity Resources
     - ISA Cybersecurity Resources
       - Standards
       - Training
       - Certification Programs
       - White papers
       - Conformity Assessment
     - isa.org - Technical Topics - Cybersecurity

  8. Executive Order 13636, Signed February 12, 2013. Executive Order 13636 outlines responsibilities for Federal Departments and Agencies to aid in Improving Critical Infrastructure Cybersecurity. In summary, it assigns these responsibilities and establishes the policy that, "It is the policy of the United States to enhance the security and resilience of the Nation's critical infrastructure and to maintain a cyber environment that encourages efficiency, innovation, and economic prosperity while promoting safety, security, business confidentiality, privacy, and civil liberties." https://www.whitehouse.gov/the-press-office/2013/02/12/presidential-policy-directive-critical-infrastructure-security-and-resil

  9. 16 Critical Infrastructure Sectors
     - Chemical
     - Commercial Facilities
     - Communication
     - Critical Manufacturing
     - Dams
     - Defense Industrial Base
     - Emergency Services
     - Energy
     - Financial Services
     - Food and Agriculture
     - Government Facilities
     - Healthcare and Public Health
     - Information Technology
     - Nuclear Reactors, Materials and Waste
     - Transportation
     - Water and Wastewater

     https://www.dhs.gov/critical-infrastructure-sectors

  10. What is NIST? National Institute for Standards and Technology. Founded in 1901, NIST is a non-regulatory federal agency within the U.S. Department of Commerce. NIST's mission is to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life. NIST Cybersecurity Mission: To implement practical cybersecurity and privacy through outreach and effective application of standards and best practices necessary for the U.S. to adopt cybersecurity capabilities. https://www.nist.gov/

  11. What is the NIST Framework?
     - Enables organizations to apply the principles and best practices of risk management to improving the security and resilience of critical infrastructure.
     - Provides organization, structure and consistency to cybersecurity by assembling standards, guidelines, and practices that are working effectively in industry today.
     - Consists of three parts:
       - Framework Core
       - Framework Implementation Tiers
       - Framework Profile

     https://www.nist.gov/cyberframework

  12. Framework (Framework Core, Framework Implementation Tiers, Framework Profile)
     - Identify: Understanding to manage cybersecurity risk to systems, assets, data, and capabilities
     - Protect: Safeguards to ensure delivery of critical infrastructure services
     - Detect: Identify the occurrence of a cybersecurity event
     - Respond: Action regarding a detected cybersecurity event
     - Recover: Maintain plans for resilience; restore any capabilities or services

  13. Framework Core. Columns: Functions, Categories, Subcategories, Informative References. Functions and their identifiers:
     - IDENTIFY: ID
     - PROTECT: PR
     - DETECT: DE
     - RESPOND: RS
     - RECOVER: RC

  14. Framework Core, IDENTIFY (ID). Category Identifier and Category:
     - ID.AM: Asset Management
     - ID.BE: Business Environment
     - ID.GV: Governance
     - ID.RA: Risk Assessment
     - ID.RM: Risk Management Strategy

  15. Framework Core, PROTECT (PR). Category Identifier and Category:
     - PR.AC: Access Control
     - PR.AT: Awareness and Training
     - PR.DS: Data Security
     - PR.IP: Information Protection Processes and Procedures
     - PR.MA: Maintenance
     - PR.PT: Protective Technology

  16. Framework Core, DETECT (DE). Category Identifier and Category:
     - DE.AE: Anomalies and Events
     - DE.CM: Security Continuous Monitoring
     - DE.DP: Detection Processes

  17. Framework Core, RESPOND (RS). Category Identifier and Category:
     - RS.RP: Response Planning
     - RS.CO: Communications
     - RS.AN: Analysis
     - RS.MI: Mitigation
     - RS.IM: Improvements

  18. Framework Core, RECOVER (RC). Category Identifier and Category:
     - RC.RP: Recovery Planning
     - RC.IM: Improvements
     - RC.CO: Communications

  19. Framework Implementation Tiers
     - Cybersecurity Risks; Manage Risks
     - Tiers: Partial, Risk Informed, Repeatable, Adaptive
     - Consideration: Risk management practices, threat environment, legal & regulatory req., objectives & constraints

  20. Framework Implementation Tiers by Risk Management Process, Integrated Risk Management Program, and External Participation
     - Tier 1, Partial
       - Risk Management Process: Not formalized; Reactive
       - Integrated Risk Management Program: Limited awareness; Irregular risk management; Private information
       - External Participation: No external collaboration
     - Tier 2, Risk Informed
       - Risk Management Process: Approved practices; Not widely use as policy
       - Integrated Risk Management Program: More awareness; Risk-informed, processes & procedures; Adequate resources; Internal sharing
       - External Participation: Not formalized to interact & share information
     - Tier 3, Repeatable
       - Risk Management Process: Approved as Policy; Update regularly
       - Integrated Risk Management Program: Organization approach; Risk-informed, processes & procedures defined & implemented as intended, and reviewed; Knowledge & skills
       - External Participation: Collaborate; Receive information
     - Tier 4, Adaptive
       - Risk Management Process: Continuous improvement
       - Integrated Risk Management Program: Risk-informed, processes & procedures for potential events; Continuous awareness; Actively
       - External Participation: Actively shares information

  21. Framework Profile
     - Alignment of Framework Core and business requirements, risk tolerance & resources
     - Establish roadmap to reduce risk aligned with organizational and sector goals
     - Describe current and desired state of specific events
     - Action plan to address gaps

  22. Create or improve a program
     1. Prioritize and Scope
     2. Orient
     3. Create current profile
     4. Conduct Risk assessment
     5. Create target profile
     6. Determine, Analyze & Prioritize Gaps
     7. Implement Action Plan

  23. Our Guest Speakers: Matthew Petrauskas, Gaby Koren. Vice President, Americas; Regional Account Director
