Published on February 6, 2014
Developing Emergency Support Function (ESF) no. 18
Dave Sweigert, EMS, CISSP, CISA, PMP
February, 2014
Dave Sweigert, EMS, PMP, CISA, CISSP 2/5/2014
Audience and Objectives
• Objective: Provide non-cyber experts an awareness of the core concepts and terms used by cyber security professionals, to facilitate better dialogue in the emergency planning process.
• Primary audience: Emergency Managers tasked with developing an ESF 18 Annex

Basic concepts in addressing risk
• Plan risk management
• Identify risks
• Quantitative risk analysis
• Qualitative risk analysis
• Plan risk responses
• Control risk

CPG-201 and THIRA approach:

PMBOK Chapter 11 (RISK):

Risk assessment life cycle:
• Identify what assets you need to protect
• What are the vulnerabilities?
• What are the types of risks and the likelihood of exploit?
• What are the downstream consequences if a vulnerability is exploited by a threat agent?

Asset inventory and service questions:
• What and where are the data “family jewels” (sensitive data)?
• Are there service level expectations (24x7 public safety, no interruptions)?
• What is the criticality of life safety systems (hospital systems used in life support)?

Identification of cyber assets:

Assess core security components:
• Who are the cognizant personnel involved?
• What are the relevant policies, procedures, standards and guidelines (PSGs)?
• What tools will be used to mitigate a cyber event?

Use a consistent risk model:

Understand the risks around assets:

Who are the exploiters?
• Disgruntled employees (see disruption of traffic signals during union negotiations)
• White/Gray/Black hat hackers
• Cyber terrorists (Estonia cyber militias, Syrian Electronic Army)
• Script kiddies (hacktivists)

How will you deal with an exploit?
• Accept the consequences (TARGET)
• Diminish consequences with mitigation strategies
• Transfer the risk to another party (outsource)
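The risk assessment life cycle, the asset inventory questions and the three response options above, walked through as a small risk register. This is an added worked example, not material from the presentation; the asset names, vulnerabilities, threat agents, scoring scale and dollar figures are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass
class Asset:
    name: str
    sensitive_data: bool  # holds the data "family jewels"
    service_24x7: bool    # service level expectation: no interruptions
    life_safety: bool     # e.g. hospital systems used in life support

@dataclass
class Risk:
    asset: Asset
    vulnerability: str
    threat_agent: str
    likelihood: int       # 1 (rare) .. 5 (near certain) likelihood of exploit
    ale: float            # constructed annual loss expectancy, USD
    control_cost: float   # constructed annual cost of mitigating controls, USD

def consequence(asset: Asset) -> int:
    """Consequence 1..5 derived from the deck's asset inventory questions."""
    score = 1 + int(asset.sensitive_data) + int(asset.service_24x7)
    score += 2 * int(asset.life_safety)   # loss of life outweighs everything else
    return min(score, 5)

def risk_level(risk: Risk) -> str:
    """Qualitative rating: likelihood x consequence, bucketed for a heat map."""
    product = risk.likelihood * consequence(risk.asset)
    if product >= 15:
        return "high"
    return "medium" if product >= 8 else "low"

def response(risk: Risk) -> str:
    """Pick accept / mitigate / transfer, with a quantitative cost check."""
    if risk_level(risk) == "low":
        return "accept"
    if risk.asset.life_safety or risk.control_cost <= risk.ale:
        return "mitigate"   # life safety is never outsourced away; otherwise controls pay for themselves
    return "transfer"       # outsource or insure when controls cost more than the loss they avert

# Constructed sample register; assets, threats and dollar figures are hypothetical.
CAD = Asset("911 computer-aided dispatch", True, True, True)
HR = Asset("personnel records database", True, False, False)
WEB = Asset("public information website", False, False, False)
REGISTER = [
    Risk(CAD, "unpatched remote service", "cyber militia", 3, 400_000.0, 60_000.0),
    Risk(WEB, "weak CMS password", "script kiddie", 4, 5_000.0, 1_000.0),
    Risk(HR, "phishable staff credentials", "disgruntled employee", 4, 20_000.0, 50_000.0),
]
```

Running `response()` over `REGISTER` yields mitigate, accept and transfer respectively, one of each option the slide lists.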
CONCLUSION
Conclusion
• Embrace a consistent risk assessment framework
• Have “all parties” at the table to identify key assets, threats and vulnerabilities
• Seek guidance from leadership regarding how you will deal with consequences
• Strive for a multi-discipline team
About the author: An Air Force veteran, Dave Sweigert acquired significant security engineering experience with military and defense contractors before earning two Master's degrees (Project Management and Information Security). He holds the following certifications: California Emergency Management Specialist (EMS), Project Management Professional (PMP), Certified Information Systems Security Professional (CISSP), and Certified Information Systems Auditor (CISA). Mr. Sweigert has over twenty years' experience in information assurance, risk management, governance frameworks and litigation support.