Cyber-crisis exercises

Slides:

Advertisements

Similar presentations

Patient Movement in the Midst of a Disaster

Advertisements

ENISA Cyber Security Strategies Workshop November 27, 2014 Brussels

Visual 3.1 Unified Command Unit 3: Unified Command.

Unit 8: Tests, Training, and Exercises Unit Introduction and Overview Unit objectives:  Define and explain the terms tests, training, and exercises. 

TRAINING AND DRILLS. Training and Drills Ensure A comprehensive, coordinated, and documented program as an integral part of the emergency management program.

Simulation Exercises Overview Activities designed to assess, enhance and evaluate preparedness.

Disaster Emergency Management BY: ELLIAS NARDINI INTERNATIONAL REPRESENTATIVE & GENERAL AGENT APPLIED TRAINING SOLUTIONS, LLC 8527 CHASE GLEN CIRCLE FAIRFAX,

Unit 5:Elements of A Viable COOP Capability (cont.)  Define and explain the terms tests, training, and exercises (TT&E)  Explain the importance of a.

“Building sustainable capabilities across all phases of Emergency Management in Kansas through selfless service” KDEM EMPG 2012 OVERVIEW 13 September 2011.

Presented by: Meg Boyd The Blue Mountains Drinking Water System: DWQMS Overview.

Background, Purpose, and Value of Exercises. 9/11 has changed water system security requirements Continued training for intentional incidents is critical.

Building Disaster-Resilient Places STEP SIX – Plan Implementation & Maintenance.

2015 S TATE E LECTIONS C ONFERENCE T ESTING YOUR COOP June 10, 2015.

Eastern Cape Branch Seminar 5 – 6 September 2013 Good Corporate Governance By: Louise Muller, President of IMFO, 2012/13 – 2013/14.

Networks ∙ Services ∙ People Mandeep Saini TF-MSP, Espoo, Finland Service Delivery and Adoption 10 th Sep 2015 Task Leader, GN4-1 SA7 T3.

[Exercise Name] Full Scale Exercise Player Briefing [Location] [Date] [Logo Here]

Building Legal Preparedness for Public Health Emergencies April East Lansing, Michigan Conducting an Effective Emergency Legal Training Exercise.

Cooperation among schools …on environmental topics at local and international level.

CIVIL PROTECTION MECHANISM EXERCISES Laurent de Pierrefeu DG ECHO B1- Emergency Response Unit.

The industrial relations in the Commerce sector EU Social dialogue: education, training and skill needs Ilaria Savoini Riga, 9 May 2012.

NFPA 1600 Disaster/Emergency Management and Business Continuity Programs.

Networks ∙ Services ∙ People Nicole Harris, GÉANT 45 th TF-CSIRT Meeting, Poznan, Poland Working Group: TI Service Requirements review TF-CSIRT.

Cooperation among schools …on environmental topics Part one – Local level.

Proprietary Information of BearingPoint Inc. | Copyright 2005 BearingPoint Inc. All rights reserved. America’s First National Critical Infrastructure Exercise.

Facilitated Discussions Starting the Conversation on Emergency Management Planning.

Authentication and Authorisation for Research and Collaboration Michał Jankowski, Maciej Brzeźniak AARC General Meeting, Milan.

Networks ∙ Services ∙ People Bert van Pinxteren General Assembly, Porto, Portugal Transition to one GÉANT Annual Review June,

Introduction Office of Water (4608T) EPA 817-R September

Action planning and evaluation How to apply workshop learning and action points to deepen that learning further Identify and plan next steps for post-

Exercising, Maintaining and Reviewing BCM Arrangements ERMAN TASKIN

Aviation Security Training Module 3 Conducting an Exercise 1.

Designing, Conducting, and Evaluating Tabletop Exercises for Pandemic Influenza Business Continuity Planning Kristine Moore, MD, MPH Medical Director Jill.

Emergency Management Assistance Compact Public Health and Medical Tabletop Exercise Introduction.

Networks ∙ Services ∙ People Andrea Biancini #TNC15, Porto, Portugal Implementing Grouper to federate user authorization Federated Authorization.

Networks ∙ Services ∙ People Mark Johnston TNC15, Porto Plans in GEANT Innovation on the Production Network 15 th June 2015 Chief Network.

Authentication and Authorisation for Research and Collaboration Heiko Hütter, Martin Haase, Peter Gietz, David Groep AARC 3 rd.

Digital Security Focus Area & Critical Infrastructure Protection in H2020 SC7 WP Aristotelis Tzafalias Trust and Security Unit DG Communications.

Networks ∙ Services ∙ People Jari Miettinen Andrew Mackarel and Nadia Sluer VC #1 Jan 2016 SCOPE SIG June 8 th 2016.

The value of Cyber Defense Exercises 1. Purpose and objectives The aim is to improve information assurance in critical infrastructure by :  Better understanding.

This project has received funding from the European Union’s H2020 research and innovation programme under grant agreement no Introduction to CIVILEX.

Networks ∙ Services ∙ People Di4R Network. Services. People. GÉANT 28 th September, Krakow.

FROM GAPS TO CAPS Risk Management Capability Based on Gaps Identification in the BSR Identifying capability assessment challenges and opportunities in.

Security Management Geant SIG-SIM – Alf Moens

Crisis management related research at

WISE 2017 Collaborating Communities

Dublin, february th SIG ISM Workshop.

Joint cyber exercises Charlie van Genuchten SIG-ISM meeting, Dublin

ARRL Field Organization for Emergency Communications

GÉANT Community Programme Communications Activities

Cyber Security coordination in Europe CERT-EU’s perspective

6th SIG-ISM Workshop February 2018, Madrid

“The Link” - Continuity of Operations and Emergency Management

EPAN – eGovernment WG Study on organisational changes, skills and the role of leadership required by eGovernment Christine Leitner (EIPA) Luxembourg,

National Cyber Strategy Preparedness: 8 Preparatory Questions

National Incident Response Discussion Exercise

Managing Change and Other Keys to Successful Implementation

America’s First National Critical Infrastructure Exercise

How to approach a top-down call topic in Horizon 2020?

Hazard and Vulnerability Assessment

Institutional Framework, Resources and Management

US Cluster Visit Booklet

IS-700.A: National Incident Management System, An Introduction

Presented by Prof. dr. Nermin Suljanović Elektroinštitut Milan Vidmar

Community of Users.

February 21-22, 2018.

Certified Hospital Emergency Coordinator (CHEC) Training Program

Making an impact that matters

Certified Hospital Emergency Coordinator (CHEC) Training Program

Cyber Security in a Risk Management Framework

Presentation transcript:

Cyber-crisis exercises Charlie van Genuchten Networks ∙ Services ∙ People www.geant.org

IN A WORLD

Where every user wants to be connected 24/7

“the greatest threat to every profession, every industry, Where cybercrime is “the greatest threat to every profession, every industry, every company in the world.” IBM President and CEO Ginni Rometty

NRENs have a decision to make when it comes to crisis management: Flight or fight!

Luckily, you don’t have to do it alone! CLAW Crisis Management Exercise November 20 and 21, 2017 In Malaga Working group with members of: SIG-ISM SIG-NOC SIG-Marcomms TF-CSIRT Networks ∙ Services ∙ People www.geant.org

Input from different SIGs and TFs

What are we going to do?

Goals Ensuring all NRENs have the tools and guidelines to form or enhance their crisis management plan; Creating a common understanding and terminology to deal with crises on a European (long term: global) scale; Kickstart an overarching Crisis Management community to share best practices; Ensuring awareness of crisis management as a priority throughout the community. Everyone goes away with at least one point of action on crisis management Networks ∙ Services ∙ People www.geant.org

sharing, sharing, sharing! Leading up to the event sharing, sharing, sharing!

20 and 21 November Lightning talks Workshops Sandbox exercise Explorers and receivers exercise

Exercises can be used to Validating policies, plans, procedures, training, equipment and/or inter- organizational agreements Testing ICT disaster recovery systems Clarifying and training personnel in roles and responsibilities Improving inter-organizational coordination and communications Identifying gaps in resources Improving individual preformance Identifying opportunities for improvement Providing a controlled opportunity to practice improvisation Networks ∙ Services ∙ People www.geant.org

Performance objectives can be orientation/demonstration: simulating experience of an expected situation to increase awareness of vulnerabilities and the importance of effective action in response to the simulated conditions; learning: enhancing knowledge, skills, or abilities by individuals or groups with the goal of mastering specific competencies; cooperation: providing an opportunity for people to work together to achieve a common end result; experimenting: trying new methods and/or procedures with the intent of refinement; and, testing: evaluating a method and/or procedure to assess which components are sufficiently developed. Networks ∙ Services ∙ People www.geant.org

Exercise types Networks ∙ Services ∙ People www.geant.org

Exercise types Desk Check – A desk check is a method used to validate plans and procedures and any changes to them. This is usually conducted in conversation with the author of the plans and procedures. Tabletop exercise – a tabletop exercise covers all aspects of crisis management. All participants receive the same information in advance about the simulated crisis situation and their role. Distributed tabletop exercise – A distributed tabletop is a role-play exercise where participants play their usual role in the plans and procedures of a scenario. This exercise is similar in structure to a tabletop exercise, but there is no possibility for discussion. Command Post Exercise (CPX) – In a CPX (sandbox exercise), a crisis is simulated without the use of emergency services, external environmental factors or players. The crisis teams deal with questions and orders in a realistic and evolving scenario. Red Team/Blue Team - In a Red Team/Blue Team exercise, the red team attacks the network or another important business service and the blue team tries to foil the attempt. Networks ∙ Services ∙ People www.geant.org

Want to know more? Presentation ‘Securing Infrastructure’ at 16.00 in 7C Best practice SURFnet OZON exercise presented by Sandy Janssen Contact me at charlie.genuchten@geant.org Look up CLAW Crisis Management Exercise on GEANT wiki Or click here

Thank you and any questions Networks ∙ Services ∙ People www.geant.org Thank you and any questions Networks ∙ Services ∙ People www.geant.org © GEANT Limited on behalf of the GN4 Phase 1 project. The research leading to these results has received funding from the European Union’s Horizon 2020 research and innovation programme under Grant Agreement No. 691567 (GN4-1). 8