Department of Homeland Security Updatessp.scotsem.transportation.org › Documents › Wed - DHS - Critical... · Cyber Incident Reporting, ” released the same day A Unified Message

American Association of State Highway and Transportation OfficialsSpecial Committee on Transportation Security and Emergency Management

2016 Critical Infrastructure Committee Joint Annual Meeting

Department of Homeland Security Updates

Wednesday, August 24, 2016

Tucson, Arizona

Presenter’s Name June 17, 2003

Prevent Terrorism/Enhance Security

National Terrorism Advisory System advisories (Alerts and Bulletins) Follow local guidance and to report suspicious activity.

The “If You See Something, Say Something TM” campaign Report suspicious activity to local law enforcement.

2011

2


Hometown Security ToolsHelp Your Community Prepare in advance of an incident / attack Encourages businesses to Connect, Plan, Train, and Report

Helps prepare businesses and their employees to proactively think about the role they play in safety and security of their businesses and communities.

3


Active Shooter PreparednessEnhance preparedness through A "whole community" approach

Offer free Active Shooter training courses, materials, and workshops for a broad range of stakeholders to address issues such as: Active Shooter awareness (IS-907) Workplace Violence (IS-906) Incident Response (ISC Planning & Response Guide)

Better prepare you to deal with an active shooter situation Raise awareness of pre-incident behaviors, indicators, and

characteristics of active shooters.

4


Countering Violent Extremism (CVE)Violent extremist threats U.S. domestic terrorists and homegrown violent extremists International terrorist groups like al-Qaeda and ISIL Lone offenders or small groups become radicalized To commit violence at home, or abroad as foreign fighters

Internet and social media Used to recruit and radicalize

individuals to violence Conventional approaches are unlikely

to identify and disrupt all terrorist plots

5


Countering Violent Extremism Grant Program DHS issued a notice of funding opportunity on July 6, 2016 First federal grant funding available to Non-governmental organizations (NGOs) Institutions of higher education

2016 Grant Application Closing date: September 6, 2016New DHS Office for Community Partnerships (OCP) Created on September 28, 2015 Streamline and head DHS’s

domestic CVE efforts Primary source of leadership, innovation, and support for the

improved effectiveness of partners at federal, state, local, tribal and territorial levels.

6


Safeguard and Secure Cyberspace Information Sharing and Analysis

Organization (ISAO) Standards Organization (SO)

Commission on Enhancing National Cybersecurity Established by Executive Order 13718 within

the Department of Commerce February 09, 2016 Advisory in nature, the Commission will make detailed

recommendations to strengthen cybersecurity Final report due to the President by December 1, 2016 Requests for Information (RFIs) Current and future states of cybersecurity in digital economy Comment period ends September 9, 2016

7


Presidential Policy Directive 41 and Annex: United States Cyber Incident Coordination“Recognizes the leading role that DHS plays during cyber incidents,” DHS/S1

PPD-41, “United States Cyber Incident Coordination,” released July 26, 2016: Sets forth principles governing the Federal Government’s response

to any cyber incident Establishes lead Federal agencies and an architecture for

coordinating the broader Federal Government response Requires the Departments of Justice and Homeland Security to

maintain updated contact information

PPD-41 Annex, “Cyber Incident Reporting,” released the same day A Unified Message for Reporting to the Federal Government

8


Federal Cyber Incident Response Two types of Federal Incident Response (Threat and Asset)Threat Response -- Lead: Department of Justice (FBI) Attributing, pursuing and disrupting malicious cyber

actors and activity Conducting criminal investigations and

other actions to counter the malicious cyber activity

FBI will work with their National Cyber Investigative Joint Task Force, and Department of Homeland Security’s U.S. Secret Service and U.S. Immigration and customs Enforcement/Homeland

Security Investigations Cyber Crimes Center (C3)

9


Federal Cyber Incident Response

Tactical

Continue to help affected entities: Find the adversary on its systems, Learn how the adversary broke in, Remove the adversary from its

systems, and Rebuild its systems to be more

secure moving forward.

Strategic

Coordinate the asset response Coordinate all government

assistance to the victim, Share anonymized lessons

learned information broadly, Distribute threat indicators through

its Automated Indicator Sharing system, and

Identify and alert other entities at risk from this attack.

Asset Response -- Lead: Department of Homeland Security National Cybersecurity and Communications Integration Center (NCCIC), Cyber Unified Coordination Group (UCG)

10


Federal Cyber Incident Response Department of Homeland Security’s support role in:Threat Response -- Lead: Department of Justice (FBI) National Cyber Investigative Joint Task Force

DHS law enforcement components (USSS and HSI) will Coordinate with other law enforcement agencies Continue to conduct criminal investigations into cyber

incidents, and From within the Cyber Unified Coordination Group (UCG) Coordinate with the FBI’s National Cyber Investigative

Joint Task Force


National Cyber Incident Response Plan (NCIRP)DHS is leading the effort to write the Plan to Formalize the incident response practices, Detail organizational roles, responsibilities,

and actions to Prepare for, respond to, and coordinate

the recovery from a significant cyber incident, Build upon PPD-41, and Include the private sector and other levels of governmentThe Plan will be written in collaboration with partners, including: All critical infrastructure sectors, sector coordinating councils,

government coordinating councils, Sector Specific Agencies, states, and private sector organizations.

12


The National Initiative for Cybersecurity Careers and Studies (NICCS) Training CatalogManaged by the Office of Cybersecurity and Communications (CS&C) Cybersecurity Education and Awareness Branch (CEA)

A key resource of cybersecurity information directly focused on: Enhancing awareness, Expanding the pipeline and Evolving the field

National resource for cybersecurity and opportunities available to: Government, Industry, Academia, and the general public

13


S&T Grant Opportunity at Minority Serving Institutions

$3.6M for Scientific Leadership Awards (SLA) at Minority Serving Institutions (MSI) DHS seeks to build a diverse,

highly capable, technical workforce for the homeland security enterprise. One of several programs administered by S&T’s Office of

University Programs. For more information and to apply, visit www.grants.gov. Refer to the opportunity DHS-16-ST-062-0012016 The deadline for submitting proposals is October 5, 2016.

DHS will conduct a webinar for interested applicantsAugust 17, 2016 at 3 p.m. EDT.

14

http://www.grants.gov/


Homeland Security Information Network (HSIN) Capabilities for CISR Community Members

Host Your meetings via Webinar using HSIN Connect Saves time, money, and other resources Connect with remote employees, partners, & CISR community Available FREE to all HSIN-CI membersLearn how at HSIN Learn The HSIN Training Team has developed a series of courses to

help you get the most out of HSIN

15


IP’s Stakeholder Education and Training Program Just achieved

Over 1 Million Course Completions Critical Infrastructure Stakeholder FREE Training Offerings include: Security Awareness, Foundational, and Sector-Specific Series

Independent Study courses delivered publicly through FEMA/EMI. Limited-distribution courses via controlled access on HSIN-CI Instructor-led classes taught in-house and regionally Facilitated workshops delivered via regional outreach tours Critical Infrastructure Learning Series Webinars on DHS.gov, and Collaboratively-developed courses delivered by partners nation-wideExtensive new CISR Training Portal now available on HSIN-CI

16

Nancy Pomerleau

Team Lead and Infrastructure Analyst (Highways, Mass Transit, Rail) in Transportation SystemsNational Protection and Programs DirectorateOffice of Infrastructure Protection | Sector Outreach and Programs Division

Desk: (703) 603-5044 Email: [email protected]