National Cyber Security Division (NCSD): Approved Overview Briefing


1 National Cyber Security Division (NCSD): Approved Overview Briefing
Wednesday, July 1, 2003

2 A secure and robust national cyber infrastructure is vital to the protection of the nation’s critical infrastructure and key assets CRITICAL INFRASTRUCTURE ASSET CATEGORIES CRITICAL INFRASTRUCTURE SECTORS Agriculture Food Water Public Health Emergency Services Defense Industry Base Information and Telecommunications Energy Banking & Finance Chemical Industry & Hazardous Materials Postal & Shipping KEY ASSETS National Monuments & Icons Nuclear Power Plants Dams Government Facilities Commercial Assets Strategy CYBER ASSETS PEOPLE ASSETS PHYSICAL ASSETS

3 The Homeland Security Act and national strategies direct DHS to take the lead on cyber security
Homeland Security Act of 2002
- Directed IAIP to develop a national plan for protecting key resources and critical infrastructure of the United States and the physical and technological assets that support such systems
- Directed IAIP, in cooperation with other Federal agencies, state and local government, and the private sector, to recommend measures necessary to protect the key resources and critical infrastructure
- Directed IAIP to provide analysis related to the threats or vulnerabilities to critical information systems and provide crisis management support to threats to or attacks on critical information systems
National Strategy to Secure Cyberspace (February, 2003)
- Designated the Department of Homeland Security as the agency primarily responsible for the implementation of the strategic objectives of the strategy
National Strategy for Homeland Security (July, 2002)
- Established “securing cyberspace” as a major initiative in protecting critical infrastructures and key assets

4 The National Strategy to Secure Cyberspace articulates five priorities
Priority: National Cyberspace Security Response System
- Rapid identification, information exchange, and remediation can mitigate damage
- Response system will involve public and private institutions and cyber centers to perform analyses, conduct watch and warning, enable information exchange, and facilitate restoration efforts
Priority: National Cyber Security Threat and Vulnerability Reduction Program
- Coordinated national efforts by government and private sector to identify and remediate serious cyber vulnerabilities through collaborative activities, such as sharing best practices and evaluating and implementing new technologies
- Also: raise awareness, increase criminal justice activities, and develop national security programs to deter cyber threats
Priority: National Cyberspace Security Awareness and Training Program
- Promote comprehensive national awareness program to empower all Americans – businesses, workforce, and general population to secure their own parts of cyberspace
- Foster adequate training and education programs to support Nation’s cyber-security needs
- Increase efficiency of existing federal training
- Promote private support for independent certification of cybersecurity professionals
Priority: Securing Governments’ Cyberspace
- Federal Government: Continuously assess threats and vulnerabilities to cyber systems
- Agency-specific processes
- Identify and document enterprise architecture
- Continuously assess threats and vulnerabilities
- Implement security controls and remediation efforts

5 The National Strategy to Secure Cyberspace articulates five priorities (cont’d.)
Priority: Securing Governments’ Cyberspace (cont’d.)
Additional Government-wide Challenges:
- Authenticate and maintain authorization for users of Federal systems
- Secure Federal wireless local area networks
- Improve security in government outsourcing and procurement
- Develop specific criteria for independent security reviews and reviewers and certification
State and local governments:
- With increasing dependence on integrated systems, state, local and Federal agencies must collectively combat cyber attacks
- Information sharing to protect systems is important foundation for ensuring government continuity
- DHS will work with state and local govts. and encourage their efforts to establish IT security programs and participate in ISACs with similar governments
Priority: International Cyberspace Security Cooperation
Ensuring America’s national security:
- Strengthen counterintelligence efforts in cyberspace
- Improve attack attribution and prevention capabilities
- Improve coordination for responding to cyber attacks in national security community
- Reserve right to respond in an appropriate manner
International cooperation:
- Work with international organizations and industry to facilitate and promote global “culture of security”
- Develop secure networks
- Promote North American cyberspace security
- Foster establishment of national and intern’tl watch-and-warning networks to detect and prevent cyber attacks as they emerge

6 Security Division (NCSD)
As a result, DHS established the National Cyber Security Division (NCSD) as the dedicated Federal focal point for cyber security Information Analysis and Infrastructure Protection (IAIP) Directorate “This new division will be focused on the vitally important task of protecting the nation’s cyber assets so that we may best protect the nation’s critical infrastructure assets” DHS Secretary Tom Ridge Information Analysis Infrastructure Protection Risk Assessment Division Indications and Warning Division Infrastructure Coordination Division Infrastructure Protection Division National Cyber Security Division (NCSD) KEY FUNCTIONS: Risk, Threat, & Vulnerability Identification and Reduction Cyber Security Tracking, Analysis & Response Center (CSTARC) Outreach, Awareness & Training

7 Current NCSD operations are organized into three functional areas
Elements of the NCSD Mission Key NCSD Functional Areas The mission of the NCSD is to implement the National Strategy to secure cyberspace and to provide a centralized coordination point for the collection and dissemination of protective measures to reduce vulnerabilities and risks to the cyber infrastructure National Cyber Security Division (NCSD) is the National focal point for addressing cyber security issues in the United States Partnerships with public and private stakeholders are critical to achievement of the NCSD mission NCSD responsibilities include: Identifying, analyzing and reducing threats and vulnerabilities Disseminating threat warning information Coordinating incident response Providing technical assistance in continuity of operations and recovery planning Risk, Threat, Vulnerability Identification & Reduction Cyber Security Tracking, Analysis, & Response Center (CSTARC) Outreach, Awareness, & Training

8 These three key mission areas are in alignment with the National Strategy to Secure Cyberspace and highlight the execution focus of the NCSD Three Key Mission Areas of NCSD Risk, Threat, & Vulnerability Reduction Cyber Security Tracking, Analysis, & Response Center (CSTARC) Outreach, Awareness, & Training National Strategy to Secure Cyberspace Strategic Objectives of the National Strategy to Secure Cyberspace Prevent cyber attacks against America’s Critical Infrastructure Reduce National vulnerability to cyber attacks Minimize damage and recovery time from cyber attacks that do occur A National Cyberspace security response system Critical Priorities of the National Strategy to Secure Cyberspace A National Cyberspace security threat & vulnerability reduction program A National Cyberspace security awareness training program Securing Governments’ cyberspace National Security & International Cyberspace Security Cooperation

9 Functional Area Description
The NCSD is leveraging relationships with and capabilities of public and private sector partners to support current operations Partnerships Functional Area Description Organizations with functions that are now resident in NCSD NIPC FedCIRC* NCS CIAO Government entity partners Law enforcement Federal, State and Local government organizations NASCIO HSA ISIP Private sector partners Software vendors Hardware vendors Security vendors Key industry associations and groups IT outsourcers Risk, Threat, Vulnerability Identification & Reduction Leverage, design, and lead implementation of methodologies and best practices with our partners to assess risks and threats, and to reduce vulnerabilities to attacks Cyber Security Tracking, Analysis & Response Center Implement CSTARC by consolidating government organizations and leveraging our National and international leadership and expertise across the public sector, the private sector, and academia Outreach, Awareness & Training Design and lead implementation of training and awareness efforts and campaigns that use a multi-level approach to educate industry, government, and the public on the importance of their roles in National cyber security

10 Although operational on June 6th, a Planning Team has been established to assist in developing the final NCSD business process optimization and organization design NCSD announced and “Day One” capabilities functioning on June 6th NCSD Planning team established Select group of key individuals (with contractor support) with background and experience are working to consolidate, streamline and improve processes to support NCSD operations Responsible for identifying the structure and relationships to support those processes Organization design and processes rely heavily on the identification of key stakeholders and partners in the cyber security industry In addition to the “day-to-day” work associated with each of the functions, work is being done in each of the functional areas to establish processes for effective operations Risk, Threat, Vulnerability Identification & Reduction Cyber Security Tracking, Analysis & Response Center Outreach, Awareness & Training

11 …with an ultimate goal of developing long-term robust capability in cyber security
Current Capabilities Future Capabilities Analytic capability to support cyber alerts and warning process for threats and vulnerabilities Consolidated list of effective practices for cyber security including best practices risk mitigation of cyber vulnerabilities Tracking of threats, vulnerabilities, and incidents via information exchange and dissemination of alerts and warnings to Government and the private sector Coordinated operations of 24 X 7 cyber watch centers Public awareness, training, and education campaigns including Stay Safe On-Line and others Process to improve and expand international cyber security relationships Lead the implementation of a standardized National risk, threat, and vulnerability assessment methodology Correlate data to assist the critical infrastructure sectors to generate metrics on cyber security readiness and capability on a periodic basis Build a mature capability over time that utilizes interdependency analysis (physical and cyber) and adaptive protection to prevent effective attacks Implement and operate a single National 24x7 CSTARC for cyberspace security in partnership with the public and private sectors Establish standardized and efficient information sharing processes to provide real-time information and warning capabilities across the Nation’s cyber landscape Complete the implementation of a comprehensive multi-level campaign to promote cyber security awareness and readiness Create public/private outreach groups to assist the entire spectrum of customers in securing their systems through implementation of “effective security practices”

12 Continue to protect the Nation’s cyber security infrastructure
Next Steps… {This slide should be completed by presenter based on obj. of presentation and audience} Continue to protect the Nation’s cyber security infrastructure Continue to build strong partnerships within the public and private sectors Questions? Contact Information

13 Appendix: Other slides and graphics that may be used in briefings

14 The strategy of DHS, as defined by the National Strategy for Homeland Security, consists of three key objectives
Three Key Objectives of the National Strategy for Homeland Security
Key Objective I: Prevent terrorist attacks within the United States
Key Objective II: Reduce America’s vulnerability to terrorism
Key Objective III: Minimize the damage and recover from attacks that do occur

15 IAIP is aligned with these key objectives through four key execution strategies: Evaluation, Communication, Coordination, and Protection
Alignment through Evaluation, Communication, Coordination, & Protection
Key Objective I: Prevent terrorist attacks within the United States
- Evaluation of terrorist threats
- Communication of warnings and information about terrorist threats
- Coordination and implementation of protective measures and reporting to prevent terrorist attacks
- Protection of the critical infrastructure through implementation and adaptation of protective measures
Key Objective II: Reduce America’s vulnerability to terrorism
- Evaluation of threats, risks, and vulnerabilities
- Communication of information about terrorist capabilities and priorities
- Coordination and implementation of protective measures
- Protection through analysis of cross-sector and cross-asset interdependencies
Key Objective III: Minimize the damage and recover from attacks that do occur
- Evaluation of impact of attacks
- Communication of cross-sector and cross-asset impacts and responses
- Coordination of event response across sectors, assets, and across DHS groups responding to attacks
- Protection against future attacks or repeat attacks through lessons learned, forensics, and protective measures

16 The Infrastructure Protection mission is to rapidly implement protective measures with our partners to reduce the vulnerabilities of America’s critical infrastructure IP Mission Statement IP, in partnership with IA and federal, state, local, private, and international entities protects America’s critical infrastructures.

17 The IAIP goal, as defined in the HSA, executes across 13 sectors, five key assets, and three asset categories, in alignment with the National Strategy Information Analysis/Information Protection Mission Strategy Continuum Key Activities Matrix Critical Infrastructure Sectors Key Assets Asset Categories Evaluation: Assessing Value & Prioritizing Capabilities Identify critical infrastructures, threats, & incidents Agriculture Food Water Public Health Emergency Services Government Defense Industry Base Information and Telecommunications Energy Transportation Banking & Finance Chemical Industry & Hazardous Materials Postal & Shipping National Monuments & Icons Nuclear Power Plants Dams Government Facilities Commercial Assets Physical Assets Assess & analyze risks and vulnerabilities Develop protective measures Communication: Disseminating Value & Sharing Capabilities Leverage operational expertise Administer warning capability People Assets Coordination: Extracting Value & Leveraging Capabilities Correlate threat information, monitor and report status Coordinate with industry/federal partners Track and respond to legislative trends Support implementation of protective measures Protection: Preserving Value & Maintaining Capabilities Cyber Assets Assist EP&R in incident response

18 IAIP has implemented a dedicated National Cyber Security Division (NCSD) within IP, that will lead protection of the Nation’s critical cyber assets across three key mission areas
Three Key Mission Areas of the NCSD
Risk, Threat, & Vulnerability Identification & Reduction: Leverage, design, and lead implementation of methodologies and best practices with our partners to assess risks and threats, and to reduce vulnerabilities to attacks
Cyber Security Tracking, Analysis, & Response Center (CSTARC): Implement CSTARC by consolidating government organizations and leveraging our National and international leadership and expertise across the public sector, the private sector, and academia.
Outreach, Awareness, & Training: Design and lead implementation of training and awareness efforts and campaigns that use a multi-level approach to educate industry, government, and the public on the importance of their roles in National cyber security
Partnerships – The critical enabler of all of the key activities
With partnerships as the foundation for implementation, the NCSD will immediately drive design and implementation of protective measures to reduce America’s vulnerability to cyber attack

19 NCSD Mission Statement
The National Cyber Security Division mission statement NCSD Mission Statement The National Cyber Security Division (NCSD) is the National focal point for addressing cyber security issues in the United States. The NCSD mission includes identifying, analyzing and reducing threats and vulnerabilities; disseminating threat warning information; coordinating incident response; and providing technical assistance in continuity of operations and recovery planning. The NCSD also serves as the single National point of contact for the public and private sector regarding cyber security issues, including outreach, awareness, and training.

20 The implementation plan for the NCSD focuses on delivering capabilities immediately, while building a streamlined team and business process, using a staged three-phased approach
Phase I: IMPLEMENT IMMEDIATE OPERATING CAPABILITY
Phase II: IMPLEMENT INTERIM OPERATING CAPABILITY
Phase III: IMPLEMENT FULL OPERATING CAPABILITY
1 Apr Jun Oct Mar 2004
Activities:
- Implement coordinated cyber-security program within DHS/IAIP
- Formally announce new organization and recruit a leadership team
- Continue to deliver “Day One” capabilities
Activities:
- Complete organization and process streamlining and consolidation design
- Validate and implement streamlined organization and processes
- Complete hiring of permanent leadership team
- Deliver “180-day” capabilities
Activities:
- Complete implementation of streamlined organization and processes
- Operation of “180-day” capabilities under way
- Deliver strategic “full operational” capabilities

21 Design of consolidated and streamlined organization and processes
The engagement plan uses a phased approach to show results quickly and to add value throughout the execution of the project
Analysis to determine gaps and overlaps in functions, processes, capabilities, and organizations
Design of consolidated and streamlined organization and processes
Implementation plan to mitigate risks associated with the new organization and processes
Assessment of Current functions, processes, capabilities, and organizations
June 15 July 30 August 15 August September 15
Activities:
- Identify and inventory existing organizations, functions, capabilities, and organizations
- Interview stakeholders and leaders and members of these organizations and review work products and documentation
- Develop complete inventory of current cyber security functions, processes, capabilities, and organizations
Activities:
- Analyze inventory of functions, processes, capabilities, and organizations from assessment task to determine duplications or overlaps in responsibility
- Analyze inventory of functions, processes, capabilities, and organizations from assessment task to determine gaps in critical required capabilities as defined by the NCSD strategy and the National Strategy
Activities:
- Formulate “to be” business process model for new streamlined and consolidated organization
- Design organizational structure to support streamlined business process
- Validate design with key stakeholders
Activities:
- Develop implementation plan and current function and organization transition plan
- Validate implementation and transition plan with key stakeholders
- Develop key implementation risks and risk mitigation plans
Deliverables:
- Interview templates, schedule, and project plan
- Complete inventory of stakeholders
- Interview documentation
- Description of key activities, processes, products and services for each organization represented.
Deliverables:
- Current process diagram and model including key activities, processes, products and services for each organization represented.
- Overlap and gap analysis of current Federal Government cyber security functions, processes, capabilities, and organizations including communication processes with the private sector
Deliverables:
- Options for “To be” streamlined and consolidated business process model
- Options for organizational structure to implement new streamlined and consolidated cyber security capability
- Recommendations and selection criteria for options and recommendations
Deliverables:
- Validated implementation and transition plan
- Validated risk mitigation plan
- Executive decision briefing for NCSD leader and Assistant Secretary of IP

22 NCSD Products & Services Supplier Products & Services
The methodology for the engagement uses supply chain analysis to evaluate the activities, products, and processes of the NCSD
NCSD Mission Supplier Channels NCSD Products & Services NCSD Key Activities Supplier Products & Services Customer Channels Suppliers Customers
Key Question: How do suppliers send/provide products, and services to the NCSD?
Key Question: What products and services does the NCSD produce to protect America’s critical infrastructure?
Key Question: What products and services do the suppliers give to the NCSD to enable its mission?
Key Question: How does the NCSD deliver products and services to its customers?
Key Question: What organizations provide the products and services required by the NCSD?
Key Question: Who are the customers and recipients of NCSD products and services?

23 A preliminary list of stakeholders has been identified for the NCSD from all of the critical infrastructure sectors across a wide spectrum of public and private organizations Preliminary DRAFT List Academia Federal & Civilian Agencies (non-DHS/DoD) State & Local Governments Department of Homeland Security Department of Defense Private Sector International Government & NGOs CERT/CC GA Tech JHU Purdue Dartmouth I3P NIST OMB CIO Council HSC FedCIRC OSTP NSC USSS DOJ FBI CSIRC NSF IGs Congress NASCIO Governor Executive Offices Law enforcement (state) Law enforcement (local) HSA Local government organizations Multi-state ISAC ISIP Congress IAIP Divisions S&T EP&R Homeland Security Center NCS JTF-CNO DoD-CERT NSIRC NorthCOM ASD/C3I NSA DOD-IG STRATCOM Sector ISACs Software vendors Hardware vendors Security vendors IT outsourcers Key industry associations and groups ISAC Council DNS root operators ISA ISO International CERTs This list must be quickly validated and completed by the beginning of the interview process

24 To execute the assessment, the team must first interview several key players within the NCSD, DHS, DoD, and industry and then solicit wider input
Task 1 – Interview Key Players and Formalize Questionnaires for other Players
Task 2 – Solicit Input from Other Players through Briefings & Questionnaires
Task 3 – Follow up Briefings and Questionnaires with Phone Calls/In-person Meetings
NCSD subgroups: VTRRIA CSTARC OA&T FedCIRC OMB HSC CERT-CC JTF-CNO/DoD-CERT IAIP/ICD IAIP/IPD “Top 5” industry associations “Top 5” security vendors Academia Other industry associations Other federal agencies State and local governments NORTHCOM etc. Academia Other industry associations Other federal agencies State and local governments NORTHCOM etc.
The result will be a complete inventory of the suppliers, products, channels, and customers in the cyber security protection supply chain. This inventory will allow us to quickly assess overlaps and gaps in the supply chain and to quickly prioritize actions for mitigating gaps and eliminating overlaps.
