National Protection and Programs Directorate

Office of Cyber and Infrastructure Analysis (OCIA)

Director John Murphy

Virginia Tech Science & Technology & Policy Leadership Seminar Series

October 9, 2014

National Protection and Programs Directorate

National Protection and

Programs Directorate

Office of Infrastructure

Protection

Office of Cybersecurity

and Communications

Office of Cyber and

Infrastructure Analysis

Office of Biometric Identity

Management

Federal Protective

Service

2

The Need for Integrated Consequence Analysis

OCIA Mission: Center of Excellence to better understand all-

hazards consequences to the Nation’s critical infrastructure

through an integrated analytical approach evaluating the

potential consequences of disruption, including dependencies,

interdependencies, and cascading impacts, from physical or

cyber threats and incidents.

OCIA’s consequence analysis integrates expertise and data

from across NPPD to support NPPD operational activities and

enhance decision support for DHS leadership and other public

and private sector critical infrastructure partners to better

predict, prepare for, and mitigate disruptions to critical

infrastructure.

3

Evolving NPPD Analytical Capabilities

4

Analytic Program

5

Infrastructure Prioritization

Operational

Analysis

Strategic

Analysis

Capability and Capacity Development

OCIA Functions

OCIA uses all-hazards information from an array of partners to conduct

consequence modeling, simulation, and analysis. OCIA’s core functions

include:

– Providing analytic support to DHS leadership, operational components, and

field personnel during steady-state and crises on emerging threats and

incidents impacting the Nation’s critical infrastructure

– Assessing and informing national infrastructure risk management strategies on

the likelihood and consequence of emerging and future risks

– Developing and enhancing capabilities to support crisis action by identifying

and prioritizing infrastructure through the use of analytic tools and modeling

capabilities

6

Supporting Leadership Decisions: Steady-State and

Incident Response

7

8

The Impact of Cyber Infrastructure

Emergency Services

Banking & Finance

Energy

Transportation

Government

Cyber Infrastructure

Cyber Infrastructure includes information technology and communications

systems and the information contained in those systems. The most recognizable

components are telecommunications systems, computer systems, and networks

such as the Internet. For example…

9

Critical Infrastructure and the physical/cyber nexus

Recent Significant Activities

Propane Shortage

– For the first time, FERC directed private sector entities to reverse pipeline flow

in order to alleviate critical propane shortage during winter of 2014.

– FERC cited the detailed analysis conducted by OCIA to justify the decision.

Electric Power Substations

– NPPD spearheads effort using OCIA consequence analysis of specific incidents

lead NERC to direct the establishment of improved physical security measures

at electric power substations across the country.

Cyber Dependent Infrastructure Identification as required by Section 9 of

Executive Order 13636, Improving Critical Infrastructure Cybersecurity

– OCIA co-led the effort to identify infrastructure most at risk and now manages

the program moving forward.

– Lauded by the NSC Cyber Czar as one of the best products seen from DHS.

Recent Significant Activities

California Drought Analysis

– Detailed joint analysis of the California drought and other potential

complicating natural hazards in response to Presidential RFI.

– Analysis received high praise from NSC Staff, including the Deputy HSA to

the President, as well as praise from Congress.

Cyber Proof of Concept

– Efforts to identify the physical consequences of cyber or ICS attacks within

complex systems

– Detailed analysis completed with a variety of systems: water and waste

water treatment facilities, large commercial venues, Federally protected

facilities, Natural Gas facility, etc.

Bakken Crude Oil

– OCIA is supporting NSC request to understand potential consequences

from increased transportation of Bakken Crude Oil.

The Challenge of Interdependencies

Decoding Interdependencies

Interdependencies: Impact of Drought

Interdependencies: Impact of Drought

Key Analytic Themes for FY 2015

Infrastructure Resilience, Intra/Interdependencies

Cyber dependencies and/or Nexus of Cyber Infrastructure

Operational Support and/or Crisis Action

Infrastructure Prioritization

Aging and/or Failing Infrastructure

Extreme Weather and/or Climate Change

16

For more information visit:

www.dhs.gov/office-cyber-infrastructure-analysis

Back-up Slides

The Importance of Good Data

Karly Domb Sadof

The Importance of Good Data