Presentation is loading. Please wait.

Presentation is loading. Please wait.

Enhanced Security Through Human Error Awareness PNNL-SA-42136.

Published byLilliana Swallows Modified over 9 years ago

Similar presentations

Presentation on theme: "Enhanced Security Through Human Error Awareness PNNL-SA-42136."— Presentation transcript:

1 Enhanced Security Through Human Error Awareness PNNL-SA-42136

2 Tracking a Security Event Event A Security Event Occurs

3 Tracking a Security Event Identify & Categorize Event It Is Identified and Categorized

4 Tracking a Security Event Identify & Categorize Preliminary Report to DOE Event A Preliminary Report to DOE Is Made

5 Tracking a Security Event Identify & Categorize Preliminary Report to DOE Full Inquiry Event A Full Inquiry Is Begun

6 Tracking a Security Event Identify & Categorize Preliminary Report to DOE Full Inquiry Assess Impact Take Mitigative Action Event Impact Is Assessed, Mitigation Begun

7 Tracking a Security Event Identify & Categorize Preliminary Report to DOE Full Inquiry Assess Impact Assess Direct Cause & Contributions Take Mitigative Action Event Direct Cause and Contributing Factors Are Identified

8 Tracking a Security Event Identify & Categorize Preliminary Report to DOE Full Inquiry Assess Impact Assess Direct Cause & Contributions Document IMI 1, 2, 3 via ITAC Document Non Incidents & IMI 4’s Internally Take Mitigative Action Event Internal, and… External (ITAC) Documentation

9 Tracking a Security Event Identify & Categorize Preliminary Report to DOE Full Inquiry Assess Impact Assess Direct Cause & Contributions Document IMI 1, 2, 3 via ITAC Document Non Incidents & IMI 4’s Internally Assess Patterns & Trends Develop Corrective Actions Take Mitigative Action Event Resulting in Corrective Actions and… …Assessment of Patterns and Trends

10 Tracking a Security Event Identify & Categorize Preliminary Report to DOE Full Inquiry Assess Impact Assess Direct Cause & Contributions Document IMI 1, 2, 3 via ITAC Document Non Incidents & IMI 4’s Internally Assess Patterns & Trends Develop Corrective Actions Prevent Recurrence Take Mitigative Action Event Corrective Actions to Prevent Recurrence

11 Tracking a Security Event Identify & Categorize Preliminary Report to DOE Full Inquiry Assess Impact Assess Direct Cause & Contributions Document IMI 1, 2, 3 via ITAC Document Non Incidents & IMI 4’s Internally Assess Patterns & Trends Develop Corrective Actions Prevent Recurrence Take Mitigative Action Event Distribute Lessons Learned Lessons Learned Are Distributed in DOE

12 Tracking a Security Event Identify & Categorize Preliminary Report to DOE Full Inquiry Assess Impact Assess Direct Cause & Contributions Document IMI 1, 2, 3 via ITAC Document Non Incidents & IMI 4’s Internally Assess Patterns & Trends Develop Corrective Actions Prevent Recurrence Distribute Lessons Learned Prevent Similar Occurrences Elsewhere Take Mitigative Action Event …to Prevent the Likelihood of Similar Occurrences Elsewhere

13 Distribute Lessons Learned You Are Here Tracking a Security Event Identify & Categorize Preliminary Report to DOE Full Inquiry Assess Impact Assess Direct Cause & Contributions Document IMI 1, 2, 3 via ITAC Document Non Incidents & IMI 4’s Internally Assess Patterns & Trends Develop Corrective Actions Prevent Recurrence Prevent Similar Occurrences Elsewhere Take Mitigative Action Event Your role in the incident inquiry process is a critical link in the chain of incident reporting, inquiry, documentation and analysis that supports the goal of reducing the number of security incidents across the DOE complex.

14 You Are Here Tracking a Security Event Identify & Categorize Preliminary Report to DOE Full Inquiry Assess Impact Assess Direct Cause & Contributions Document IMI 1, 2, 3 via ITAC Document Non Incidents & IMI 4’s Internally Assess Patterns & Trends Develop Corrective Actions Prevent Recurrence Prevent Similar Occurrences Elsewhere Take Mitigative Action Event Reporting Distribute Lessons Learned

15 You Are Here Tracking a Security Event Identify & Categorize Preliminary Report to DOE Full Inquiry Assess Impact Assess Direct Cause & Contributions Document IMI 1, 2, 3 via ITAC Document Non Incidents & IMI 4’s Internally Assess Patterns & Trends Develop Corrective Actions Prevent Recurrence Prevent Similar Occurrences Elsewhere Take Mitigative Action Event Reporting Inquiry Distribute Lessons Learned

16 You Are Here Tracking a Security Event Identify & Categorize Preliminary Report to DOE Full Inquiry Assess Impact Assess Direct Cause & Contributions Document IMI 1, 2, 3 via ITAC Document Non Incidents & IMI 4’s Internally Assess Patterns & Trends Develop Corrective Actions Prevent Recurrence Prevent Similar Occurrences Elsewhere Take Mitigative Action Event Reporting Documentation Inquiry Distribute Lessons Learned

17 You Are Here Tracking a Security Event Identify & Categorize Preliminary Report to DOE Full Inquiry Assess Impact Assess Direct Cause & Contributions Document IMI 1, 2, 3 via ITAC Document Non Incidents & IMI 4’s Internally Assess Patterns & Trends Develop Corrective Actions Prevent Recurrence Prevent Similar Occurrences Elsewhere Take Mitigative Action Event Reporting Analysis Documentation Inquiry Distribute Lessons Learned

18 You Are Here Tracking a Security Event Identify & Categorize Preliminary Report to DOE Full Inquiry Assess Impact Assess Direct Cause & Contributions Document IMI 1, 2, 3 via ITAC Document Non Incidents & IMI 4’s Internally Assess Patterns & Trends Develop Corrective Actions Prevent Recurrence Prevent Similar Occurrences Elsewhere Take Mitigative Action Event Reporting Analysis Documentation Inquiry Lessons Learned

19 Distribute Lessons Learned You Are Here Tracking a Security Event Identify & Categorize Preliminary Report to DOE Full Inquiry Assess Impact Assess Direct Cause & Contributions Document IMI 1, 2, 3 via ITAC Document Non Incidents & IMI 4’s Internally Assess Patterns & Trends Develop Corrective Actions Prevent Recurrence Prevent Similar Occurrences Elsewhere Take Mitigative Action Event Reduced Likelihood of Security Incidents ESTHER: Enhanced Security Through Human Error Reduction

Download ppt "Enhanced Security Through Human Error Awareness PNNL-SA-42136."

Similar presentations

Risk Management Module 3D Canada Bridges Project Management Tools Risk Management - Module 3D 1.

Risk Management Module 3D Canada Bridges Project Management Tools Risk Management - Module 3D 1.
Hazard and Risk Analysis What are the socio-economic and political trends? Consider recent assessment / reviews / baseline studies / analytical exercises.

Hazard and Risk Analysis What are the socio-economic and political trends? Consider recent assessment / reviews / baseline studies / analytical exercises.
ATS INCIDENT REPORTING AND INVESTIGATIONS

ATS INCIDENT REPORTING AND INVESTIGATIONS
Presented by: Guy Prescott Common Sense Safety, Inc. (530)

Presented by: Guy Prescott Common Sense Safety, Inc. (530)
EMS Checklist (ISO model)

EMS Checklist (ISO model)
RAMIRI2 Prague 2012 Project management and the RI Life Cycle.

RAMIRI2 Prague 2012 Project management and the RI Life Cycle.
Note: See the text itself for full citations. Information Technology Project Management, Seventh Edition.

Note: See the text itself for full citations. Information Technology Project Management, Seventh Edition.
Connecticut Emergency Management and Response

Connecticut Emergency Management and Response
Well control incident Location:Block xx/xx on NCS Rig type: Floater / Jack-up / Platform Well type:Exploration / Production Date:dd.mm.yyyy Course of events:

Well control incident Location:Block xx/xx on NCS Rig type: Floater / Jack-up / Platform Well type:Exploration / Production Date:dd.mm.yyyy Course of events:
Combat Propulsion Systems SR000XXXXX Supplier Name Month Year.

Combat Propulsion Systems SR000XXXXX Supplier Name Month Year.
Emergency Plan GENERAL AWARENESS TRAINING. Aim To provide staff with an overview of the school emergency plan.

Emergency Plan GENERAL AWARENESS TRAINING. Aim To provide staff with an overview of the school emergency plan.
ENVIRONMENTAL MANAGEMENT SYSTEMS. ENVIRONMENTAL ISSUES Global Warming Climate Change Ozone Layer Resource Depletion Population Growth Waste Disposal Effects.

ENVIRONMENTAL MANAGEMENT SYSTEMS. ENVIRONMENTAL ISSUES Global Warming Climate Change Ozone Layer Resource Depletion Population Growth Waste Disposal Effects.
Project Risk Management

Project Risk Management
Incident Reporting Systems for information security.

Incident Reporting Systems for information security.
ISO 17799: Standard for Security Ellie Myler & George Broadbent, The Information Management Journal, Nov/Dec ‘06 Presented by Bhavana Reshaboina.

ISO 17799: Standard for Security Ellie Myler & George Broadbent, The Information Management Journal, Nov/Dec ‘06 Presented by Bhavana Reshaboina.
The Role of Security & Privacy in EA Program

The Role of Security & Privacy in EA Program
Bureau of Workers’ Comp PA Training for Health & Safety (PATHS)

Bureau of Workers’ Comp PA Training for Health & Safety (PATHS)
“Full Circle” Communication Monthly Supervisor Meeting Incident/Accident Communication.

“Full Circle” Communication Monthly Supervisor Meeting Incident/Accident Communication.
Introduction to Indian Cyber Army. About Us Indian Cyber Army was founded with a mission to fight against Cyber Crime and with sole aim is to research,

Introduction to Indian Cyber Army. About Us Indian Cyber Army was founded with a mission to fight against Cyber Crime and with sole aim is to research,
HACCP Training Guide www.ifsqn.com.

HACCP Training Guide

Similar presentations

Ads by Google