Upload
others
View
5
Download
0
Embed Size (px)
Citation preview
Ron FordRegion 1 Cybersecurity Advisor – New England
Cyber Resilience during
COVID-19
CISA ROLE
Risk Management during COVID-19
Best Practices
We are the Nation’s Risk AdvisorsCISA leads national risk management for cyber and physical infrastructure
6
CISACybersecurity Advisor Program
7
CISA mission: Lead the collaborative national effort to strengthen the security and resilience of America’s critical infrastructure
In support of that mission, Cybersecurity Advisors (CSAs):
• Assess: Evaluate critical infrastructure cyber risk.
• Promote: Encourage best practices and risk mitigation strategies.
• Build: Initiate, develop capacity, and support cyber communities-of-interest and working groups.
• Educate: Inform and raise awareness.
• Listen: Collect stakeholder requirements.
• Coordinate: Bring together incident support and lessons learned.
Cybersecurity Advisor Program
HomelandSecurity Office of Cybersecurity and Communications
9
CISA Insights on COVID-19
• Risk Management for Novel Coronavirus (COVID-19)
• This product is for executives to help them think through physical, supply chain, and cybersecurity issues that may arise from the spread from of COVID-19.
• What’s in this guide:• Actions for Infrastructure Protection • Actions for your Supply Chain • Cybersecurity for Organizations • Cybersecurity Actions for your Workforce and Consumers
• To stay current with CISA’s efforts regarding the COVID-19, visit: cisa.gov/coronavirus.
10
CISA Cyber Essentials
• Cyber Essentials Toolkit: https://www.cisa.gov/cyber-essentials
• National Cyber Security Alliance: www. staysafeonline.org
• Hybrid work models may be possible where some workers may work on-premise and off-premise.
• Telework capability has certainly become extremely important during COVID-19 and stress-tested organizations’ capabilities on IT deployment, workload, and management as well as addressing security challenges.
11
Cyber Threat Landscape
11
12
Ever Expanding Attack Surface
HomelandSecurity Office of Cybersecurity and Communications
13
Cyber Threat Landscape
• May 23, 2020: Joint Announcement on Chinese Govt Targeting of COVID-19 Research Organizations,
• May 13, 2020, CISA updated the Cyber Resource Hub, which list free and available cybersecurity assessments
• May 12, 2020: CISA and the FBI published Cyber Alert (AA20-133A), Top 10 Most Exploited Vulnerabilities between 2016-2019
*The Health Sector is especially vulnerable to cyber threats
§ Ransomware§ Phishing Campaigns & Business E-mail Compromise§ Lack of Software Patching§ Misconfiguration of Technology§ Supply Chain (Hardware, Software, Cloud Services)§ Advanced Persistent Threats (Organized, Well-funded, Highly-capable
Groups)§ Internet of Things (IoT)§ Insider Threats (Intentional & Unintentional)§ Weak Passwords
*All listed will increase the likelihood of a compromise or service disruption.
Most Common Cyber Threats
15
Cybersecurity and Resilience
15
16
• Consider your health.
• How do you become healthy?• Can you buy good health? • Can you “manufacture” good
health?
• You can’t buy it in a product.
• Good health and resilience are both emergent properties.
• They develop – or emerge – from what we do.
Resilience Emerges From What You Do
17
• Periodic assessments are essential for resilience, helping you:
• Measure your cybersecurity efforts• Manage improvements over time
Criticality of Periodic Assessments
18
Working toward Cyber Resilience
Follow a framework or general approach to cyber resilience. One successful approach includes:
IdentifyServices
Create Asset Inventory
Protect & SustainAssets
Manage Disruptions
Exerciseand Improve
Identify and prioritize services
Identify assets and align assets to services and inventory assets
Establish risk management, resilience requirements, control objectives, and controls
Establish continuity requirements for assets and develop service continuity plans
Define objectives for cyber exercises, perform exercises, and evaluate results
Process Management and Improvement
19
CISA Cybersecurity Services
19
20
Sampling of Cybersecurity Offerings
Preparedness Assistance:
• Cybersecurity Advisors• Advisory Services• Assessments• Working group collaboration• Best Practices • Incident assistance coordination
• Protective Security Advisors • Assessments• Incident liaisons between government and
private sector• Support for National Special Security
Events
21
• Cyber Resilience Review (Strategic)
• External Dependencies Management (Strategic)
• Cyber Infrastructure Survey (Strategic)
• Cybersecurity Evaluations Tool (Strategic/Technical)
• Phishing Campaign Assessment (EVERYONE)
• Vulnerability Scanning / Hygiene (Technical)
• Validated Architecture Design Review (Technical)
• Risk and Vulnerability Assessment (Technical)
Range of Cybersecurity Assessments (Voluntary & No-Cost to You)
TECHNICAL(Network-Administrator Level)
STRATEGIC(C-Suite Level)
Tech
nica
lSt
rate
gic
22
BEST PRACTICES
Leadership Must OWN the Issue
Good Cyber Hygiene – Blocking and Tackling
Risk Management –What Can I Accept?
Balance Security, Mission and Privacy
Be Prepared –EXERCISE
Defend and Continue to Operate
Leverage Relationships
MAKE YOUR OWN LUCK!
QUESTIONS?
Contact UsReport Cyber Incidents:DHS/CISA24/7 Line: [email protected]://www.us-cert.gov/report
MS-ISAChttps://www.cisecurity.org/ms-isac/24/7 Line: [email protected]://www.cisecurity.org/isac/report-an-incident/
24
Ron FordDHS/CISA Cybersecurity Advisor Region 1 - New [email protected]@cisa.dhs.govwww.cisa.gov/cybersecurity