Homeland Security Resources for Security Professionals Phillip - - PowerPoint PPT Presentation

Homeland Security Resources for Security Professionals

Phillip Osborn CPP, CISSP, CAMS

Supervisory Special Agent, DHS-HSI, (ret.) President ATIS Consulting, LLC.

Purpose

To provide information about resources and professional development opportunities offered by the Department of Homeland Security to public and private sector security professionals and organizations including:

• Resources to help support an organization’s security
• Training, career development, and educational opportunities
• DHS public-private sector partnership opportunities

You Are….

Security Professionals from:

• Private Sector
• Military and Government
• Law Enforcement (SLTT)
• Critical Infrastructure
• Academia

The Department of Homeland Security and its component offices, directorates, and sub agencies with resources, partnership, and training opportunities:

• USCG
• ICE (HSI,ERO)
• CBP (USBP)
• FLETC
• NCCIC
• USSS
• TSA (FAMS)
• FEMA
• USCIS
• Directorates and Offices
• Science and Technology

Directorate

• Countering Weapons of

Mass Destruction Office

• Office of Intelligence and

Analysis

• National Protection and

Programs Directorate

DHS Program Offices and Directorates (HQ)

Office of Partnership and Engagement

https://www.dhs.gov/partnership-engagement “The Office of Partnership and Engagement (OPE) coordinates the Department of Homeland Security’s

• utreach efforts with critical stakeholders

nationwide, including state, local, tribal, territorial (SLTT) governments, SLTT elected officials, SLTT law enforcement, the private sector, and colleges and universities.”

Office of Intergovernmental Affairs

https://w /www.dhs.gov/office-intergovernmental-affairs-1

“The IGA is responsible for initiating the homeland security dialogue with executive-level partners at the SLTT levels, along with the national associations that represent them. The State, local, and tribal teams are each served by a Director, who is charged with

• verseeing outreach and engagement with SLTT

stakeholders on a variety of DHS-related programs and policy issues.”

Office for State and Local Law Enforcement

https://www.dhs.gov/office-state-and-local-la law-enforcement#

• Coordinates DHS-wide policies related to state,

local, tribal, and territorial law enforcement’s role in Homeland Security.

• Primary liaison between DHS and non-Federal law

enforcement agencies.

Includes resources for the Private Sector as well

https: s://www.dhs.gov/publi lication/dhs-state-and-local-law- enforcement-resource-catalog

Private Sector Office

https:/ ://www.dhs.gov/priv ivate-sector-offi fice

• The Private Sector Office (PSO) provides the Secretary and

Department leaders with advice on issues relevant to the private sector, including academia, non-profits, NGOs, and businesses.

• Engages businesses, trade associations and other non-

governmental organizations to foster dialogue with the Department.

• Promotes public-private partnerships and best practices to

improve the nation's homeland security.

• Promotes Department policies to the private sector.

Private Sector Resources Catalog

https://www.dhs.gov/private-sector-resources-catalog The Private Sector Resources Catalog is a centralized directory to DHS resources targeted for the private sector including small and large businesses, academia, trade associations, and other non-governmental

• rganizations. The catalog lists the training,

publications, guidance, alerts, newsletters, programs, grant opportunities, and services available to the private sector across the Department.

Loaned Executive Program

https:/ ://www.dhs.gov/lo loaned-executiv ive-program The Loaned Executive Program is an opportunity for top executives from the private sector to share their expertise with Homeland Security. “ Through the Loaned Executive Program, Homeland Security works with the private sector on innovative solutions to homeland security challenges. “

Office of Academic Engagement

https:// //www.dhs.g .gov/topic/academic-engagement

The OAE’s works with the academic community across the DHS enterprise and focuses on six areas:

• Academic Research and Faculty Exchange:
• Campus Resilience
• Cyber security
• Homeland Security Academic Programs
• International Students:
• Student and Recent Graduate Recruitment (internships and

career opportunities)

DHS Office of Science and Technology

https:/ ://www.dhs.gov/scie ience-and-technolo logy

• Works to develop and execute programs that identify,

evaluate, and commercialize technologies into products

• r services to support the homeland security enterprise.
• “Works with diverse partners from across the

government, industry, academia, laboratories and even around the world.”

• S&T helps these partners experiment, find emerging

technologies, and commercialize to find better ways to protect the homeland.

• Industry Guide
• S&T Innovation Strategy

Office of Infrastructure Protection- Training Opportunities

https:/ ://www.dhs.gov/crit itic ical-in infrastructure-train inin ing Is partnered with the Federal Emergency Management Agency’s (FEMA) National Training and Education Division to offer training programs to critical infrastructure partners.

Critical In Infr frastructure Training- In Independent St Study Courses

National Infrastructure Protection Foundational Courses

• IS-860.C: Introduction to the National Infrastructure

Protection Plan

• IS-821.A: Introduction to the Critical Infrastructure

Support Annex

• IS-913.A: Achieving Results through Critical

Infrastructure Partnership and Collaboration

• IS-921.A: Implementing Critical Infrastructure

Security and Resilience

Security Awareness Training

• IS-906: Workplace Security Awareness
• IS-907: Active Shooter: What You Can Do
• IS-912: Retail Security Awareness: Understanding the

Hidden Hazards

• IS-914: Surveillance Awareness: What You Can Do
• IS-915: Protecting Critical Infrastructure against Insider

Threat

• IS-916: Critical Infrastructure Security: Theft and

Diversion – What You Can Do

Sector-Specific Training

• Chemical Sector Training
• Commercial Facilities Sector Training
• Dams Sector Training
• Emergency Services Sector Training
• Nuclear Reactors, Materials, and Waste Sector

Training

Critical Infrastructure Learning Series

https:/ ://www.dhs.gov/crit itic ical-in infr frastructure-le learnin ing-serie ies “Critical infrastructure experts conduct these one- hour webinars that focus on the tools, trends, issues, and best practices for infrastructure security and

• resilience. Series offerings are available at no-cost and

are highly recommended for private sector and government partners, including critical infrastructure

• wners and operators and officials responsible for

risk, security, and emergency management functions.”

Cybersecurity Training

https:/ ://ic ics-cert.us-cert.gov/Train inin ing-Avail ilable le-Through- ICS ICS-CERT

• The Industrial Control Systems Cyber Emergency Response

Team (ICS-CERT) works to reduce risks within and across all critical infrastructure sectors. The Virtual Learning Portal (VLP) provides online training for those involved in the security of Industrial Control Systems (ICS) for no cost.

• The National Initiative for Cybersecurity Careers and

Studies (NICCS) Education and Training Catalog is a central location where cybersecurity professionals across the nation can find over 3,000 cybersecurity courses.

Other Crit itic ical In Infrastructure Resources

https:/ ://www.dhs.gov/crit itic ical-in infrastructure-resources

• Protective Security Advisors (PSA) – PSAs are trained critical

infrastructure security and resilience and vulnerability mitigation subject matter experts.

• Homeland Security Information Network - Critical

Infrastructure (HSIN-CI) – Sharing of Sensitive But Unclassified (SBU) information. The Critical Infrastructure community on HSIN (HSIN-CI) is the primary system through which private sector owners and operators, DHS, and other federal, state, and local government agencies collaborate to protect the nation’s critical infrastructure.

• Suspicious Activity Reporting Tool – This HSIN-CI Suspicious

Activity Reporting tool allows non-uniformed, law enforcement private sector members to submit formalized suspicious activity reports to appropriate law enforcement

• fficials and to facilitate efficient information sharing and

responsiveness.

• Business Continuity Planning Suite – The Business

Continuity Planning (BCP) Suite consists of three main components: BCP training, BCP and disaster recovery plan tool, and exercises for an implemented BCP. The suite and training are free and available to all.

• The Infrastructure Development and Recovery

Program- coordinates a suite of resources and methods to enhance infrastructure security and resilience to all natural and human hazards during planning, maintenance and recovery across the critical infrastructure community. Resources are developed and shared with federal, local, tribal, state, academic, and regional partners and the private sector in order to encourage a holistic resilient strategies, policies, and best practices.

Protective Security Advisors

https:/ ://www.dhs.gov/protectiv ive-securi rity-advis isors

The PSA Program’s primary mission is to proactively engage with federal, state, local, tribal, and territorial government mission partners and members of the private sector stakeholder community to protect critical infrastructure through five mission areas:

• Planning, coordinating, and conducting security and resilience

surveys and assessments of nationally significant critical infrastructure through Assist Visits, Infrastructure Survey Tool, Rapid Survey Tool, and the Regional Resiliency Assessment Program.

• Planning and conducting outreach activities and providing access to

critical infrastructure security and resilience resources, training, and information for critical infrastructure owners and operators, community groups, and faith-based organizations.

• Supporting National Special Security Events (NSSEs) and Special

Event Assessment Rating (SEAR) Level I and II events, such as Super Bowls, Presidential Inaugurations, and Democratic and Republican National Conventions.

• Serve as liaisons between federal and local government
• fficials and private sector critical infrastructure owners

and operators during and after an incident.

• Coordinate and support improvised explosive device

awareness and risk mitigation training, as well as Office

• f Cybersecurity and Communications assessments and

resources. PSAs also conduct joint site visits and vulnerability assessments of critical infrastructure assets with the Federal Bureau of Investigation. They work with the United States Secret Service to provide vulnerability assessments, security planning, and coordination during NSSEs and other large-scale special events.

Sector Outreach and Programs Division

http tps: s://www.dhs.gov/sopd

Mission “To build, align, and leverage national public-private stakeholder partnerships and partnership programs to enhance critical infrastructure security and resilience.”

• Serves as the sector-specific agency for 6 of the critical infrastructure

sectors and coordinates across all 16 critical infrastructure sectors

• Providing expertise in critical infrastructure security and resilience
• Enables critical infrastructure security partnerships and manages the

Critical Infrastructure Partnership Advisory Council

• Develops and delivers stakeholder education, training, and exercises
• Facilitates information-sharing and manages the critical infrastructure

information sharing environment

Counter-Improvised Explosive Device (IE (IED) Training and Awareness

https:/ ://www.dhs.gov/bombin ing-preventio ion-train inin ing- courses The Office for Bombing Prevention (OBP) develops tools to improve national preparedness for bombing threats at all levels of government, the public, and the private sector. Course options include bombing prevention workshops, soft target awareness, and surveillance detection. For more information, contact the Office for Bombing Prevention at OBP@hq.dhs.gov.

Active Shooter Preparedness Workshops

https:/ ://www.dhs.gov/activ ive-shooter-preparedness DHS offers free courses, materials, and workshops to better prepare for and deal with an active shooter situation and to raise awareness of behaviors that represent pre-incident indicators and characteristics

• f active shooters.

DHS Office of In Intelli lligence and Analysis

https://www.dhs.gov/office-in intelli lligence-and-analysis is

Information Center Fusion Center partnership opportunities

• https://www.dhs.gov/building-law-enforcement-and-

homeland-security-partnerships

• Fusion Centers and Joint Terrorism Task Forces
• Fusion Centers and FBI Field Intelligence Groups
• Fusion Centers and High Intensity Drug Trafficking Areas
• Fusion Centers and Regional Information Sharing System (RISS)

Centers

• Fusion Centers and Emergency Operations Centers
• Tribal Participation in Fusion Centers
• Deployed Intelligence Officers and Protective Security Advisors
• Private Sector Engagement with Fusion Centers

National Cybersecurity and Communications Integration Center (NCCIS)

https:// //ics-cert.us-cert rt.g .gov/

• NCS – National Communications System
• NCC – National Coordinating Center (NCC) for

communications

• US-CERT – United States Cyber Emergency

Readiness Team

• ICS-CERT – Industrial Control Systems Cyber

Emergency Readiness Team

Unit ited St States Computer Emergency Readiness Team- US US-CERT https://www.us-cert.gov/ccubedvp

In Industrial Control System Cyber Emergency Response Team (IC ICS-CERT) https://ic ics-cert.u .us- cert.gov/

Web - Based Training available on the ICS-CERT Virtual Learning Portal

• Operational Security (OPSEC) for Control Systems

(100W) - 1 hour

• Differences in Deployments of ICS (210W-1) – 1.5

hours

• Influence of Common IT Components on ICS

(210W-2) – 1.5 hours

• Common ICS Components (210W-3) – 1.5 hours
• Cybersecurity within IT & ICS Domains (210W-4) –

1.5 hours

• Cybersecurity Risk (210W-5) – 1.5 hours
• Current Trends (Threat) (210W-6) – 1.5 hours
• Current Trends (Vulnerabilities) (210W-7) – 1.5

hours

• Determining the Impacts of a Cybersecurity

Incident (210W-8) – 1.5 hours

• Attack Methodologies in IT & ICS (210W-9) – 1.5

hours

• Mapping IT Defense-in-Depth Security Solutions to

ICS (210W-10) – 1.5 hours

Instructor Led Training

• Introduction to Control Systems Cybersecurity (101) -

8 hrs

• Intermediate Cybersecurity for Industrial Control

Systems (201) - 8 hrs

• Intermediate Cybersecurity for Industrial Control

Systems (202) - 8 hrs

• ICS Cybersecurity (301) - 5 days

Cyber Security Assessments

Security assessments in partnership with ICS stakeholders, including critical infrastructure owners and operators, ICS vendors, integrators, Sector- Specific Agencies, other Federal departments and agencies, SLTT governments, and international partners.

DHS Component Agency Resources

Federal Emergency Management Agency - FEMA

Training and career Development Opportunities

• Center for Homeland Defense and Security (CHDS)
• National Domestic Preparedness Directorate
• FEMA – Emergency Management Institute

The Center for Homeland Defense and Security

https://www.chds.us The Nation’s Homeland Security Educator! https://www.youtube.com/watch?time_ continue=130&v=fM4kDNFO-yM Education and career development

• pportunities for public and private

sector security interests.

Su Supported by y training fr from

• m

Module 0 - 3

National Domestic Preparedness Consortium

National Domestic Preparedness Directorate

NDPC Competencies…

EMRTC

Explosive and incendiary attacks

NERRTC

Incident Management, EMS, Hazmat, Public Works, Threat and Risk Assessment, Senior Executive Programs, Infrastructure Protection, Cyber Security

NCBRT

Prevention, deterrence and response to terrorist acts, chem- /bio-/ag-related terrorism response

NNSS/NSO (CTOS)

Prevention, deterrence, and response to radiological/nuclear attacks

CDP

Prevention, deterrence, and response to chemical, biological, and nuclear attacks involving hazmat

SERTC

Transportation research and testing organization, providing emerging technology solutions for the railway industry

NDPTC

Monitoring natural hazards, evaluating risks to urban populations and planning for the response, recovery and reconstruction of areas following a disaster Module 0 - 4

https:/ ://www.ndpc.us/Catalog.aspx

• Non-Technical- ONLINE
• AWR 175 Information Security for Everyone
• AWR 174 Cyber Ethics
• AWR 168 Cyber Law and Cyber White Collar Crime
• Business Professionals- ONLINE
• AWR 176 Business Information Continuity
• AWR 177 Information Risk Management
• AWR 169 Cyber Incident Analysis and Response
• Technical- ONLINE
• AWR 173 Information Security Basics
• AWR 178 Secure Software and Network Assurance
• AWR 138 Network Assurance
• AWR 139 Digital Forensics Basics
• Face-to-Face
• MGT 384 Community Preparedness for Cyber

Incidents

• MGT 385 Community Cybersecurity Exercise

Planning

• AWR 136 Essentials of Community Cybersecurity
• MGT 452 Physical and Cybersecurity for Critical

Infrastructure

Module 03 - 17 Cybersecurity courses offered through TEEX:

All offered at no cost !

Texas A&M University Engineering Extension Service TEEX– Home of NERRTC

Information on TEEX Training Courses at TEEX.org/nerrtc

FEMA – Emergency Management In Institute

https://training.fema.gov/emicourses/emicatalog.aspx

U.S .S. . Coast Guard

Homeport web Portal- https://homeport.uscg.mil/

• Homeport is the United States Coast Guard’s

enterprise Internet portal for the Maritime Community.

• Brings together US Coast Guard personnel,

members of the Maritime Community, and other designated individuals allowing them to share information quickly.

Immigration and Customs Enforcement (ICE)- Homeland Security Investigations (HSI)

HSI-Public and Private Sector opportunities

• IPRCenter - https://www.ice.gov/iprcenter
• Border Enforcement Security Task Force (BEST)-

https://www.ice.gov/best

• Cyber Crimes Center -https://www.ice.gov/cyber-crimes
• HSI Forensic Laboratory-https://www.ice.gov/hsi-fl
• Counter Proliferation Program- Shield America

https://www.ice.gov/project-shield-america

• Bulk Cash Smuggling Center -https://www.ice.gov/bulk-

cash-smuggling-center

• Cornerstone - https://www.ice.gov/cornerstone

U.S. Secret Service (USSS)

• Electronic Crimes Task Forces (ECTFs)
• The Secret Service’s 40 ECTFs leverage the

combined resources of academia, the private sector and local, state and federal law enforcement.

https://www.dhs.gov/sites/default/files/publications/USSS%2 0Electronic%20Crimes%20Task%20Force.pdf

USSS- National Computer Forensics Institute

https:/ ://www.ncfi fi.usss.gov/ncfi fi/ NCFI training courses are offered to state and local law enforcement, prosecutors and judges through funding from the federal government. Travel, lodging, equipment (in some classes), and course fees are provided at no costs to attendees or their agencies.

Transportation Security Agency –TSA

https:/ ://www.tsa.gov/for-in industry ry

Customs and Border Protection (CBP)

https: s://www.cbp.gov/border-security/ports-entry ry/cargo-securit ity/ctpat

• CTPAT- Customs Trade Partnership Against

Terrorism

• When an entity joins CTPAT, an agreement is made

to work with CBP to protect the supply chain, identify security gaps, and implement specific security measures and best practices.

• Applicants must address a broad range of security

topics and present security profiles that list action plans to align security throughout the supply chain.

• CTPAT members are considered to be of low risk,

and are therefore less likely to be examined at a U.S. port of entry.

Federal Law Enforcement Training Center (FLETC)

State, Local & Tribal Law Enforcement Training https://www.fletc.gov/state-local-tribal-law-enforcement-training

• The Federal Law Enforcement Training Centers’ (FLETC), State, Local

and Tribal Division (SLTD) supports law enforcement communities by providing low-cost and no-cost training opportunities conducted on the FLETC campuses in Glynco, Georgia; Artesia, New Mexico; Charleston, South Carolina and Cheltenham, Maryland. These programs support the development of specialized law enforcement knowledge and skills.

• The FLETC also exports training to host locations across the nation,

most of which are provided at no-tuition for sworn state, local and tribal law enforcement officers. These programs are hosted by departments or agencies and are open to officers from around the country.

• Just scratching the surface
• Visit the referenced web sites and resources for

more information.

Questions?

posborn@gmail.com