February 2018 Section Meeting (PowerPoint PPT Presentation)



SLIDE 1

February 2018 Section Meeting

SLIDE 2

Welcome Aboard

Say Hello to our New Sponsor

SLIDE 3

Thank You to All of Our Sponsors!

SLIDE 4

Upcoming Section Meetings

March 13th

Building the First "Steamship" in History

Future Dates:

  • April 10th
  • May 8th
  • June 5th
  • July 10th
  • August 7th

Topics/Speakers in Development:

  • Ethics with LAPELS – April or May
  • Nick Sands – June
  • Paul Gruhn – tbd
  • Champion Technologies – tbd
  • Petrotech – tbd
  • Process Solutions – tbd
SLIDE 5

Other Upcoming ISA Activities

  • District 7 Leadership Meeting – April 20-21 – Galveston, TX
  • Topics on Agenda
    – How to bring new leadership in the local sections
    – Sponsorship best practices – to be presented by Dean Bickerton
    – Using technology such as web-based meetings

SLIDE 6

Cybersecurity and ISA

ISA is the developer and applications-focused thought leader behind the world's only consensus-based industrial cybersecurity standard. ISA's approach to the cybersecurity challenge is holistic, bridging the gap between operations and information technology, and between process safety and cybersecurity.

SLIDE 7

Cybersecurity Resources

  • ISA Cybersecurity Resources
    – Standards
    – Training
    – Certification Programs
    – Whitepapers
    – Conformity Assessment
  • isa.org – Technical Topics – Cybersecurity

SLIDE 8

Executive Order 13636

Signed February 12, 2013

Executive Order 13636 outlines responsibilities for Federal Departments and Agencies to aid in Improving Critical Infrastructure Cybersecurity.

In summary, it assigns these responsibilities and establishes the policy that, "It is the policy of the United States to enhance the security and resilience of the Nation's critical infrastructure and to maintain a cyber environment that encourages efficiency, innovation, and economic prosperity while promoting safety, security, business confidentiality, privacy, and civil liberties."

https://www.whitehouse.gov/the-press-office/2013/02/12/presidential-policy-directive-critical-infrastructure-security-and-resil

SLIDE 9

16 Critical Infrastructure Sectors

https://www.dhs.gov/critical-infrastructure-sectors

  • Chemical
  • Commercial Facilities
  • Communications
  • Critical Manufacturing
  • Dams
  • Defense Industrial Base
  • Emergency Services
  • Energy
  • Financial Services
  • Food and Agriculture
  • Government Facilities
  • Healthcare and Public Health
  • Information Technology
  • Nuclear Reactors, Materials and Waste
  • Transportation
  • Water and Wastewater

SLIDE 10

What is NIST?

National Institute of Standards and Technology

Founded in 1901, NIST is a non-regulatory federal agency within the U.S. Department of Commerce.

NIST's mission is to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life.

NIST Cybersecurity Mission:

To implement practical cybersecurity and privacy through outreach and effective application of standards and best practices necessary for the U.S. to adopt cybersecurity capabilities.

https://www.nist.gov/

SLIDE 11

What is the NIST Framework?

  • NIST Framework
    – Enables organizations to apply the principles and best practices of risk management to improving the security and resilience of critical infrastructure.
    – Provides organization, structure and consistency to cybersecurity by assembling standards, guidelines, and practices that are working effectively in industry today.
    – Consists of three parts:
      – Framework Core
      – Framework Implementation Tiers
      – Framework Profile

https://www.nist.gov/cyberframework

SLIDE 12

Framework Core | Framework Implementation Tiers | Framework Profile

Framework Core: the five Functions

  • Identify – Understanding to manage cybersecurity risk to systems, assets, data, and capabilities
  • Protect – Safeguards to ensure delivery of critical infrastructure services
  • Detect – Identify the occurrence of a cybersecurity event
  • Respond – Action regarding a detected cybersecurity event
  • Recover – Maintain plans for resilience; restore any capabilities or services

SLIDE 13

Framework Core | Framework Implementation Tiers | Framework Profile

Framework Core structure: Functions – Categories – Subcategories – Informative References

Function   Identifier
IDENTIFY   ID
PROTECT    PR
DETECT     DE
RESPOND    RS
RECOVER    RC

SLIDE 14

IDENTIFY | PROTECT | DETECT | RESPOND | RECOVER

Framework Core

Function: IDENTIFY (ID)

Category Identifier   Category
ID.AM                 Asset Management
ID.BE                 Business Environment
ID.GV                 Governance
ID.RA                 Risk Assessment
ID.RM                 Risk Management Strategy

SLIDE 15

SLIDE 16

IDENTIFY | PROTECT | DETECT | RESPOND | RECOVER

Framework Core

Function: PROTECT (PR)

Category Identifier   Category
PR.AC                 Access Control
PR.AT                 Awareness and Training
PR.DS                 Data Security
PR.IP                 Information Protection Processes and Procedures
PR.MA                 Maintenance
PR.PT                 Protective Technology

SLIDE 17

IDENTIFY | PROTECT | DETECT | RESPOND | RECOVER

Framework Core

Function: DETECT (DE)

Category Identifier   Category
DE.AE                 Anomalies and Events
DE.CM                 Security Continuous Monitoring
DE.DP                 Detection Processes

SLIDE 18

IDENTIFY | PROTECT | DETECT | RESPOND | RECOVER

Framework Core

Function: RESPOND (RS)

Category Identifier   Category
RS.RP                 Response Planning
RS.CO                 Communications
RS.AN                 Analysis
RS.MI                 Mitigation
RS.IM                 Improvements

SLIDE 19

IDENTIFY | PROTECT | DETECT | RESPOND | RECOVER

Framework Core

Function: RECOVER (RC)

Category Identifier   Category
RC.RP                 Recovery Planning
RC.IM                 Improvements
RC.CO                 Communications

SLIDE 20

Framework Core | Framework Implementation Tiers | Framework Profile

Framework Implementation Tiers: how an organization views cybersecurity risks and the processes in place to manage those risks

  • Tier 1 – Partial
  • Tier 2 – Risk Informed
  • Tier 3 – Repeatable
  • Tier 4 – Adaptive

Considerations when selecting a Tier:

  • Risk management practices, threat environment, legal & regulatory requirements, objectives & constraints

SLIDE 21

Implementation Tiers, compared on three dimensions: Risk Management Process, Integrated Risk Management Program, External Participation

Tier 1 – Partial

  • Risk Management Process: not formalized; reactive
  • Integrated Risk Management Program: limited awareness; irregular risk management
  • External Participation: private information; no external collaboration

Tier 2 – Risk Informed

  • Risk Management Process: approved practices; not widely used as policy
  • Integrated Risk Management Program: more awareness; risk-informed processes & procedures; adequate resources
  • External Participation: internal sharing; not formalized to interact & share information

Tier 3 – Repeatable

  • Risk Management Process: approved as policy; updated regularly
  • Integrated Risk Management Program: organization-wide approach; risk-informed processes & procedures defined & implemented as intended, and reviewed; knowledge & skills
  • External Participation: collaborate; receive information

Tier 4 – Adaptive

  • Risk Management Process: continuous improvement
  • Integrated Risk Management Program: risk-informed processes & procedures for potential events; continuous awareness
  • External Participation: actively shares information

SLIDE 22

Framework Core | Framework Implementation Tiers | Framework Profile

Framework Profile

  • Alignment of Framework Core with business requirements, risk tolerance & resources
  • Establishes a roadmap to reduce risk, aligned with organizational and sector goals
  • Describes the current and desired (target) state of specific cybersecurity activities
  • Action plan to address gaps between the two

SLIDE 23

Create or improve a program

  • 1. Prioritize and Scope
  • 2. Orient
  • 3. Create current profile
  • 4. Conduct risk assessment
  • 5. Create target profile
  • 6. Determine, analyze & prioritize gaps
  • 7. Implement action plan
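The following is an added worked example, not part of the original deck and not NIST's or ISA's code. It encodes the Category identifiers from slides 14-19 and the Implementation Tiers from slides 20-21, then carries steps 3 to 7 of the program-creation process above through in code: a current profile, a risk assessment expressed as per-category weights, a target profile, prioritized gaps, and an action plan. The two profiles and the risk weights are constructed sample input for a hypothetical organization; rating each Category with a Tier number is this example's simplification (the Framework applies Tiers to the organization as a whole, and a real profile works at the Subcategory level).

```python
"""Framework Profile gap analysis (added example; profiles below are constructed)."""
from dataclasses import dataclass

# Category identifiers and names exactly as listed on slides 14-19.
CATEGORIES = {
    "ID.AM": "Asset Management",
    "ID.BE": "Business Environment",
    "ID.GV": "Governance",
    "ID.RA": "Risk Assessment",
    "ID.RM": "Risk Management Strategy",
    "PR.AC": "Access Control",
    "PR.AT": "Awareness and Training",
    "PR.DS": "Data Security",
    "PR.IP": "Information Protection Processes and Procedures",
    "PR.MA": "Maintenance",
    "PR.PT": "Protective Technology",
    "DE.AE": "Anomalies and Events",
    "DE.CM": "Security Continuous Monitoring",
    "DE.DP": "Detection Processes",
    "RS.RP": "Response Planning",
    "RS.CO": "Communications",
    "RS.AN": "Analysis",
    "RS.MI": "Mitigation",
    "RS.IM": "Improvements",
    "RC.RP": "Recovery Planning",
    "RC.IM": "Improvements",
    "RC.CO": "Communications",
}

# Implementation Tiers from slides 20-21 (1 = least mature).
TIERS = {1: "Partial", 2: "Risk Informed", 3: "Repeatable", 4: "Adaptive"}


@dataclass(frozen=True)
class Gap:
    category: str
    name: str
    current: int
    target: int
    priority: float   # tier shortfall weighted by assessed risk


def validate_profile(profile):
    """A profile assigns every category a tier from 1 to 4 (example's convention)."""
    unknown = set(profile) - set(CATEGORIES)
    if unknown:
        raise ValueError(f"unknown categories: {sorted(unknown)}")
    missing = set(CATEGORIES) - set(profile)
    if missing:
        raise ValueError(f"profile missing categories: {sorted(missing)}")
    bad = {cat: tier for cat, tier in profile.items() if tier not in TIERS}
    if bad:
        raise ValueError(f"tiers must be 1-4: {bad}")
    return True


def analyze_gaps(current, target, risk_weight):
    """Step 6: determine, analyze and prioritize gaps between two profiles.

    risk_weight comes from the risk assessment (step 4); categories it does
    not mention get weight 1.0. A category already at or above its target
    tier produces no gap. Result is highest priority first, ties by identifier.
    """
    validate_profile(current)
    validate_profile(target)
    gaps = []
    for cat, name in CATEGORIES.items():
        shortfall = target[cat] - current[cat]
        if shortfall > 0:
            gaps.append(Gap(cat, name, current[cat], target[cat],
                            shortfall * risk_weight.get(cat, 1.0)))
    return sorted(gaps, key=lambda g: (-g.priority, g.category))


def action_plan(gaps, top_n=None):
    """Step 7: one plan line per gap, most urgent first (top_n limits the list)."""
    return [f"{g.category} {g.name}: {TIERS[g.current]} -> {TIERS[g.target]}"
            f" (priority {g.priority:g})" for g in gaps[:top_n]]


# Constructed sample input for a hypothetical organization.
CURRENT_PROFILE = {cat: 1 for cat in CATEGORIES}                        # step 3
CURRENT_PROFILE.update({"ID.GV": 2, "PR.AC": 2, "PR.AT": 3})
RISK_WEIGHT = {"PR.AC": 3.0, "DE.CM": 2.5, "ID.AM": 2.0, "RC.RP": 2.0}  # step 4
TARGET_PROFILE = {cat: 3 for cat in CATEGORIES}                         # step 5
TARGET_PROFILE["PR.AC"] = 4

if __name__ == "__main__":
    for line in action_plan(analyze_gaps(CURRENT_PROFILE, TARGET_PROFILE, RISK_WEIGHT)):
        print(line)
```

With the sample input, PR.AC (two tiers short, highest risk weight) heads the plan, PR.AT produces no gap because it already meets its target, and ID.GV, only one tier short and unweighted, comes last. Swapping in real profiles means replacing the two dictionaries; the validation step catches a profile that omits a category or uses a tier outside 1-4 before any gap is computed.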

SLIDE 24

Our Guest Speakers

Gaby Koren

Vice President, Americas

Matthew Petrauskas

Regional Account Director

SLIDE 25