Presentation is loading. Please wait.

Presentation is loading. Please wait.

Creating a “Culture” of Cybersecurity

Similar presentations


Presentation on theme: "Creating a “Culture” of Cybersecurity"— Presentation transcript:

1 Creating a “Culture” of Cybersecurity
Robin “Montana” Williams Director, National Cybersecurity Education Office National Cyber Security Division June 26, 2012

2 “My greatest fear is that, rather than having a cyber-Pearl Harbor event, we will instead have this death of a thousand cuts. Where we lose our competitiveness by having all of our research and development stolen…”—Richard Clarke, former White House Cyber Czar

3 The World we live in!! 2/3 US businesses are Internet dependent
Cybercrime is a global epidemic—now exceed narco-drug trafficking 2/3 US businesses are Internet dependent 8 out of 10 think they are safe from cyber threats, yet 80% do not have formal security policies in place Average cost of a cyber attack on a small business is $188K 60% of small business close within 6 months of an attack 55% of the nation’s workforce is employed by small business Sources: SBA, Symantec, National Cyber Security Alliance & Zogby Int”l

4 A “Culture” of Cybersecurity…
Every man's ability may be strengthened or increased by culture—John Abbott—Prime Minister of Canada Awareness Cultural Analysis Responsibility Education & Training

5 Awareness in Cyberspace
Know the Threat Criminal Competitor Country Know your SWAG (valuables) Technology Research Resources Know their Tactics Phishing—Social Engineering Exploiting vulnerabilities

6 Organization Cultural Analysis (CA)
"Company cultures are like country cultures. Never try to change one. Try, instead, to work with what you've got.“ —Peter Drucker—Management Consultant Values—Espoused vs. Actual CA—the difference between values Integration Differentiation Fragmentation

7 Responsibility in Cyberspace
STOP—THINK—CONNECT Establish and ensure compliance with a company internet policy Force employees to change passwords < 90days DO NOT allow personal software or hardware on organizational networks Password protect computers, communications and critical data—use complex passphrases (F00tJan01ba!!#1) DO NOT open s or attachment from strangers Encourage the Reporting of suspicious activity

8 Education & Training Component 1: National Cybersecurity Awareness DHS Component 2: Formal Cybersecurity Education NSF DoED Component 3: Cybersecurity Workforce Structure DHS Component 4: Cybersecurity Workforce Training and Professional Development DHS ODNI DoD Define the Stakeholder Groups the groups should address NICS Portal

9 National Cybersecurity Framework
The Framework, released in 2011, outlines 31 functional work specialties within the cybersecurity field and is the foundation of the effort. The Framework was developed in collaboration with subject matter experts from government, non-profits, academia, and the private sector. The Framework organizes cybersecurity into seven high-level categories, each comprised of several specialty areas. The Framework has been broadly accepted as a best practice to define the cybersecurity field.

10 National Institute for Cybersecurity Studies (NICS) Portal
Serve as the Nation’s online resource to learn about cybersecurity awareness, education, careers, and workforce development opportunities. The portal’s vision is to elevate cybersecurity awareness and affect a change in the American public to adopt a culture of cyberspace security. NICS will be an online community for cybersecurity professionals and others to gain knowledge related to their field. The Portal will be steered by an Advisory Board to provide guidance on cybersecurity awareness, education, careers, and training.

11 Summary The World We Live In A Culture of Cybersecurity Awareness
Responsibility Education & Training Resources National Cybersecurity Workforce Framework National Institute for Cybersecurity Studies Portal

12 DHS Cybersecurity Education Contact Information For more information, please contact: Robin “Montana” Williams Director National Cybersecurity Education & Workforce Development National Cyber Security Division (Office) (BlackBerry)

13 Nat’l Cybersecurity Education Office
The National Cybersecurity Education Office (CEO) sits within the Department of Homeland Security’s (DHS) National Cyber Security Division (NCSD). CEO’s vision is a nation of competent digital citizens and an agile, robust cybersecurity workforce that sustains a safe, secure, resilient cyberspace environment so that American interests, aspirations, and way of life can thrive CEO’s mission is to lead cybersecurity education, training, and workforce development for our Nation to protect against and respond to cybersecurity threats and hazards to the Homeland CEO leads the collaborative national cybersecurity education effort. Including supporting NICE efforts to create cybersecurity awareness, formal education initiatives, development of a workforce structure and professionalizing & training the existing and future workforce. Department of Homeland Security National Protection and Programs Directorate National Cyber Security Division Global Cyber Security Management National Cybersecurity Education Office


Download ppt "Creating a “Culture” of Cybersecurity"

Similar presentations


Ads by Google