Presentation is loading. Please wait.

Presentation is loading. Please wait.

NRIC VI Report – Part 1: Homeland Security -The Council has assessed vulnerabilities in the public telecommunications networks and the Internet and determined.

Published byLily Barker Modified over 8 years ago

Similar presentations

Presentation on theme: "NRIC VI Report – Part 1: Homeland Security -The Council has assessed vulnerabilities in the public telecommunications networks and the Internet and determined."— Presentation transcript:

1 NRIC VI Report – Part 1: Homeland Security -The Council has assessed vulnerabilities in the public telecommunications networks and the Internet and determined how best to address those vulnerabilities. - The Council has produced reports containing prevention and restoration best practices. - The Council is also addressing actions that may be necessary to ensure that commercial telecommunications services networks can meet the special needs of public-safety emergency communications. - The Council also developed Mutual Aid guidance for service providers and network operators to follow during a crisis. Federal Communications Commission Network Reliability and Interoperability Council VI

2 NRIC VI Report – Part 1: Homeland Security Session Chair: Karl Rauscher, Network Reliability Office, Lucent Technologies Bell Laboratories Jeffery Goldthorp, Chief, Network Technology Division, FCC NRIC DFO William Hancock, Chief Security Officer, Exodus Mike Roden, Executive Director, Cingular Wireless Gordon Barber, General Manager, Network, BellSouth Federal Communications Commission Network Reliability and Interoperability Council VI

3 H OMELAND S ECURITY P HYSICAL S ECURITY (Focus Group 1A) SUPERCOMM June 2, 2003 - Atlanta, Georgia K ARL F. R AUSCHER Chair Homeland Security Physical Security Focus Group (1A) Chair-Elect IEEE Technical Committee on Communications Quality & Reliability (CQR) Director Network Reliability, Lucent Technologies Bell Labs Chair NRIC V Best Practices Subcommittee Founder Wireless Emergency Response Team (WERT) Vice Chair ATIS Network Reliability Steering Committee (NRSC) Representative DHS National Coordinating Center (NCC) for Telecommunications, Telecom-ISAC Federal Communications Commission Network Reliability and Interoperability Council VI

4 H OMELAND S ECURITY P HYSICAL S ECURITY F OCUS G ROUP 1A 9/20/2015 K. F. Rauscher 4 Focus Group Mission The Focus Group will assess physical vulnerabilities in the public telecommunications networks and the Internet and determine how best to address those vulnerabilities to prevent disruptions that would otherwise result from terrorist activities, natural disasters, or similar types of occurrences. The Focus Group will conduct a survey of current practices by wireless, wireline, satellite, and cable telecommunications and Internet services providers, network operators and equipment suppliers that address Homeland Defense. By December 31, 2002 the Focus Group will issue a report identifying areas for attention and describing best practices, with checklists, that should be followed to prevent disruptions of public telecommunications services and the Internet from terrorist activities, natural disasters, or similar types of occurrences. The Focus Group will report on current disaster recovery mechanisms, techniques, and best practices and develop any additional best practices, mechanisms, and techniques that are necessary, or desirable, to more effectively restore telecommunications services and Internet services from disruptions arising from terrorist activities, natural disasters, or similar types of occurrences. The Focus Group will issue a report containing best practices recommendations, and recommended mechanisms and techniques (including checklists), for disaster recovery and service restoration. The Focus Group will issue this report within twelve (12) months of the first Council meeting. The Focus Group will coordinate with the Homeland Security Cyber Security Focus Group (1B) to assure that vulnerabilities in the public telecommunications networks and the Internet are assessed, and to determine how best to address those vulnerabilities to prevent disruptions that would otherwise result from terrorist activities, natural disasters, or similar types of occurrences. The Focus Group will also coordinate with other Focus Groups, as appropriate.

5 H OMELAND S ECURITY P HYSICAL S ECURITY F OCUS G ROUP 1A 9/20/2015 K. F. Rauscher 5 NRIC FGs Stakeholders Big Picture of Process Flow Focus Group 1A VulnerabilitiesVulnerabilities ThreatsThreats Existing BPs P & R Reports RecommendationsRecommendations Council Areas for Attention Checklists Best Practices Mechanisms Techniques SMEs $ Broader Industry AssembleVulnerabilities AssembleThreats assess determine conduct issue report develop Coordination Council Charter Steering Committee FCC & Industry AssembleBPs Survey CouncilCouncil CouncilCouncil INPUTS OUTPUTS SUPPORT OVERSIGHT

6 H OMELAND S ECURITY P HYSICAL S ECURITY F OCUS G ROUP 1A 9/20/2015 K. F. Rauscher 6 Team Membership Fred Tompkins Virgil Long Mike Kennedy Cathy Purvis Karl Rauscher Jim Runyon Rick Krock Ted Lach Anil Macwan Steven Warwick Richard Biby Steve McOwen Chris Miller Art Reilly Equipment & Software Suppliers Service Providers & Network Operators RalphWhitlark Shawn Cochran RalphWhitlark Shawn Cochran P.J.Aduskevicz RickCanaday Frank Maguire P.J.Aduskevicz RickCanaday Frank Maguire Steve Michalecki Michael Clements Jayne McCullough Thomas Priore, Jr. Daniel Jenkins Loye Manning John Morovich Percy Kimbrough John Cholewa Wayne Chiles Dick Craft Liz Geddes Roger Kochman Craig Swenson David Porte Government & Other Entities Bill Klein Perry Fergus Larry Stark Hank Kluepfel Chao-Ming Liu Tom Soroka, Jr Molly Schwarz Schwarz Consulting George Caldwell IBSS Al Woods New York Clearinghouse Jennifer Meredith Scott Jones Everett Dennison Delgie Jones Craig McQuate Eric Guerrino Jennifer Dickerson Heather Wyson Government & Other Entities Service Providers & Network Operators Rick Kemper Ken Buckley Federal Reserve System Eve Perris Ed Bickel Keith Hopkins Bob Postovit John L. Clarke III

7 H OMELAND S ECURITY P HYSICAL S ECURITY F OCUS G ROUP 1A 9/20/2015 K. F. Rauscher 7 Scope “Physical” Security in context of Homeland Security –Complement Cyber (FG 1B) to ensure 100% coverage –In context of Homeland Security: Reliability of Services Security of Networks Security of Enterprises Network Types –wireline, wireless, satellite, cable, and the Internet –circuit switched, packet switched and converged technologies Industry Roles –service providers, network operators, equipment suppliers Threat Sources –terrorist activities, natural disasters, or similar types of occurrences

8 H OMELAND S ECURITY P HYSICAL S ECURITY F OCUS G ROUP 1A 9/20/2015 K. F. Rauscher 8 Definitions Vulnerability A characteristic of any aspect of the communications infrastructure that renders it, or some portion of it, susceptible to damage or compromise. Threat Anything with the potential to damage or compromise the communications infrastructure or some portion of it

9 H OMELAND S ECURITY P HYSICAL S ECURITY F OCUS G ROUP 1A 9/20/2015 K. F. Rauscher 9 Hardware Software Environment Payload NetworksPolicy HumanPower Communications Infrastructure C OMMUNICATIONS I NFRASTRUCTURE Other Infrastructures TRANSPORTATION ENERGY FINANCIAL PUBLIC HEALTH LAW ENFORCEMENT

10 H OMELAND S ECURITY P HYSICAL S ECURITY F OCUS G ROUP 1A 9/20/2015 K. F. Rauscher 10 Vulnerabilities – Threats - Best Practices Framework Vulnerabilities Threats Environment accessible identifiable physical damageHardware vibration / shock temperature extremes electromagnetic radiationPolicy foreign national ownership electromagnetic weapons thermal nuclear war hijacking of a network X-111 X-999 X-555 X-123 X-789 Best Practices Best Practices that Vulnerabilities a) address Vulnerabilities Threats b) address Threats by preventing the exercise of vulnerabilities, and/or mitigating the impact should a vulnerability be exercised X-222

11 H OMELAND S ECURITY P HYSICAL S ECURITY F OCUS G ROUP 1A 9/20/2015 K. F. Rauscher 11 Power Power – includes the internal power infrastructure, batteries, grounding, high voltage and other cabling, fuses, back-up emergency generators and fuel Areas for Attention 1.Internal Power Infrastructure Is Often Overlooked 2.Rules Permitting Access to Internal Power Systems Increase Risk 3Priorities for Good Power Systems Management Compete with Environmental Concerns 4Power System Competencies Needs to Be Maintained Example Best Practice (6-6-5207) Service Providers and Network Operators should take appropriate precautions at critical installations to ensure that fuel supplies and alternate sources are available in the event of major disruptions in a geographic area (e.g., hurricane, earthquake, pipeline disruption).

12 H OMELAND S ECURITY P HYSICAL S ECURITY F OCUS G ROUP 1A 9/20/2015 K. F. Rauscher 12 Hardware Hardware – includes the hardware frames, electronics circuit packs and cards, metallic and fiber optic transmission cables and semiconductor chips Areas for Attention 1. Nuclear Attack 2. Hardness to Radiation 3. Solar Flares and Coronal Mass Ejection Example Best Practice (6-6-5118) Equipment Suppliers of critical network elements should test electronic hardware to ensure its compliance with appropriate electromagnetic energy tolerance criteria for electromagnetic energy, shock, vibration, voltage spikes, and temperature.

13 H OMELAND S ECURITY P HYSICAL S ECURITY F OCUS G ROUP 1A 9/20/2015 K. F. Rauscher 13 NCS

14 H OMELAND S ECURITY P HYSICAL S ECURITY F OCUS G ROUP 1A 9/20/2015 K. F. Rauscher 14 Progress Process Architecture –aligned with mission –protects sensitive information Vulnerabilities Framework –systematic assessment –integrates information –enables quick access and focus Establish Vulnerability Task Teams –engage additional expert –more rigor Best Practices NC S

15 H OMELAND S ECURITY P HYSICAL S ECURITY F OCUS G ROUP 1A 9/20/2015 K. F. Rauscher 15 Results: Summary Statistics 1 Report (Issue 2) 10 Recommendations 26 Areas for Attention Best Practices –185 Prevention –107 Restoration > 5,000 Participant-Hours in working meetings Over 7 million possible Checklists (using 5 or less Keywords) Creation of an Integrated Vulnerabilities – Threats – Best Practices Framework Systematic assessment of communications infrastructure vulnerabilities and corresponding development of Prevention and Restoration Best Practices Summary of Key Accomplishments March 14 Presentation March 7 Council Letter March 14 Draft Report 120 pages (www.nric.org)

16 H OMELAND S ECURITY P HYSICAL S ECURITY F OCUS G ROUP 1A 9/20/2015 K. F. Rauscher 16 Best Practices Access via Web

17 H OMELAND S ECURITY P HYSICAL S ECURITY F OCUS G ROUP 1A 9/20/2015 K. F. Rauscher 17 Best Practices in My Company Throughout Lifecycle Planning & Design Provisioning & Installation Operation & Administration Repair & Decommission All Elements Throughout Organization Functions & Levels Across Network Types

18 H OMELAND S ECURITY P HYSICAL S ECURITY F OCUS G ROUP 1A 9/20/2015 K. F. Rauscher 18 1.Work Is Critical and Urgent... Successful completion of our mission is vital to national security 2.High Quality, On-Time Deliverables that Are Trustworthy and Thorough... Fulfill applicable Charter requirements and meet the needs of the Nation 3.Clear Objectives... For team, and individual participants and organizations 4.Leadership Will Pursue Consensus of Team... Also needs to set pace & guide fulfillment of charter 5.Follow a Scientific Approach, Not Merely Collect Subjective Opinions... Be objective and practice a disciplined methodology 6.Capture Every Good Idea... Welcome new and different perspectives for consideration 7.Respect for Individuals... Open and honest interactions Guiding Principles

19 H OMELAND S ECURITY P HYSICAL S ECURITY F OCUS G ROUP 1A 9/20/2015 K. F. Rauscher 19 Seven Principles in Developing Best Practices 1.“People Implement Best Practices" 2.Do not endorse commercial or specific "pay for" documents, products or services 3.Address classes of problems 4.Already implemented 5.Developed by industry consensus 6.Best Practices are verified by a broader set of industry members 7.Sufficient rigor and deliberation NRIC Best Practices bring the industry’s best minds & experience together to provide guidance that could not be achieved by companies on their own

20 H OMELAND S ECURITY P HYSICAL S ECURITY F OCUS G ROUP 1A 9/20/2015 K. F. Rauscher 20 Implementing Best Practices Intended Use –Implementation is voluntary –Service Providers, Network Operators, and Equipment Suppliers are urged to prioritize –Guidance on how best to protect the U.S. communications infrastructure –Decisions of whether or not to implement a specific Best Practice are left with the responsible organization History of NRIC Best Practices –ATIS NRSC confirmation of effectiveness –Fifth Council Survey Results Risk to not implement the Best Practices Not a high cost to implement the Best Practices Best Practices are effective in preventing outages Already a high level of implementation of the Best Practices

21 H OMELAND S ECURITY P HYSICAL S ECURITY F OCUS G ROUP 1A 9/20/2015 K. F. Rauscher 21 Examples of Industry Cooperation Success

22 H OMELAND S ECURITY P HYSICAL S ECURITY F OCUS G ROUP 1A 9/20/2015 K. F. Rauscher 22 NRIC VI-1A-01 NRIC VI Physical Security Prevention Best Practices NRIC VI-1A-02 Chemical and Biological Agents in Air Handling Systems NRIC VI-1A-03 Voluntary National Background Checks NRIC VI-1A-04 Review Infrastructure-related Mergers and Acquisitions Summary of 4 Council-Approved Recommendations (December 2002)

23 H OMELAND S ECURITY P HYSICAL S ECURITY F OCUS G ROUP 1A 9/20/2015 K. F. Rauscher 23 NRIC VI-1A-05 NRIC VI Physical Security Restoration Best Practices NRIC VI-1A-06 & 07 Role of the NCS/NCC and Telecom-ISAC in U.S. Homeland Security NRIC VI-1A-08 National Security and Emergency Preparedness Priority Services NRIC VI-1A-09 NSTAC Policy for Emergency Response and Service Restoration NRIC VI-1A-010 CEOs Leadership in Corporate Security Culture Summary of 6 Recommendations (March 2003)

24 H OMELAND S ECURITY P HYSICAL S ECURITY F OCUS G ROUP 1A 9/20/2015 K. F. Rauscher 24

25 H OMELAND S ECURITY P HYSICAL S ECURITY F OCUS G ROUP 1A 9/20/2015 K. F. Rauscher 25 Keyword Associations Next Steps PHYSICAL CYBER HW SW HW SW HW SW HW Blended Attacks Supplier Outsourcing Industry Survey Today IndustryOutreach Report Issue 3 www.nric.org

26 H OMELAND S ECURITY P HYSICAL S ECURITY F OCUS G ROUP 1A 9/20/2015 K. F. Rauscher 26 NRIC Best Practices provide unparalleled guidance for the communications industry for –Network Reliability –Network Interoperability –Homeland Security When implemented, Best Practices are effective Decisions for individual Best Practices implementation should be made by experts within each company “Take Aways”

Download ppt "NRIC VI Report – Part 1: Homeland Security -The Council has assessed vulnerabilities in the public telecommunications networks and the Internet and determined."

Similar presentations

B EST P RACTICES T UTORIAL 2/13/2014 K. F. Rauscher 1 IEEE Communications Society Technical Committee on Communications Quality & Reliability (CQR) PSAP.

B EST P RACTICES T UTORIAL 2/13/2014 K. F. Rauscher 1 IEEE Communications Society Technical Committee on Communications Quality & Reliability (CQR) PSAP.
IEEE COMMUNICATIONS SOCIETY Karl Rauscher October 17, 2006 C Q R Some Remarks Karl F. Rauscher Chair, IEEE CQR Advisory Board Bell Labs Fellow Executive.

IEEE COMMUNICATIONS SOCIETY Karl Rauscher October 17, 2006 C Q R Some Remarks Karl F. Rauscher Chair, IEEE CQR Advisory Board Bell Labs Fellow Executive.
K. F. Rauscher November 2004 C Q R Welcome IEEE COMMUNICATIONS SOCIETY Emergency Power Conference Monday, November 22, 2004 Bell Labs Network Reliability.

K. F. Rauscher November 2004 C Q R Welcome IEEE COMMUNICATIONS SOCIETY Emergency Power Conference Monday, November 22, 2004 Bell Labs Network Reliability.
Homeland Security at the FCC July 10, 2003. FCCs Homeland Security Focus Interagency Partnerships Industry Partnerships Infrastructure Protection Communications.

Homeland Security at the FCC July 10, FCCs Homeland Security Focus Interagency Partnerships Industry Partnerships Infrastructure Protection Communications.
Best Practices Tutorial

Best Practices Tutorial
More Fiber in your Diet Richard Krock National Conference on Emergency Communications Systems December 12, 2005.

More Fiber in your Diet Richard Krock National Conference on Emergency Communications Systems December 12, 2005.
Protecting the Public, Astronauts and Pilots, the NASA Workforce, and High-Value Equipment and Property Mission Success Starts With Safety “September 11th.

Protecting the Public, Astronauts and Pilots, the NASA Workforce, and High-Value Equipment and Property Mission Success Starts With Safety “September 11th.
National Infrastructure Protection Plan

National Infrastructure Protection Plan
DHS, National Cyber Security Division Overview

DHS, National Cyber Security Division Overview
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
AUDIT COMMITTEE FORUM TM ACF Roundtable IT Governance – what does it mean to you as an audit committee member July 2010 The AUDIT COMMITTEE FORUM TM is.

AUDIT COMMITTEE FORUM TM ACF Roundtable IT Governance – what does it mean to you as an audit committee member July 2010 The AUDIT COMMITTEE FORUM TM is.
1 LBNL Enterprise Computing (EC) January 2003 LBNL Enterprise Computing.

1 LBNL Enterprise Computing (EC) January 2003 LBNL Enterprise Computing.
Business Crisis and Continuity Management (BCCM) Class Session 3 3 - 1.

Business Crisis and Continuity Management (BCCM) Class Session
Overarching Roles of Critical Partners In A Project 9:30 – 10:00 Rob Curlee, FMO Joseph Dominque, OCISO Mike Perry, EA.

Overarching Roles of Critical Partners In A Project 9:30 – 10:00 Rob Curlee, FMO Joseph Dominque, OCISO Mike Perry, EA.
Managerial Flexibility in the Department of Homeland Security R. Steven Daniels, CSUB & Carolyn L. Clark-Daniels, Bakersfield, CA.

Managerial Flexibility in the Department of Homeland Security R. Steven Daniels, CSUB & Carolyn L. Clark-Daniels, Bakersfield, CA.
Alabama GIS Executive Council November 17, 2009. Alabama GIS Executive Council Governor Bob Riley signs Executive Order No. 38 on November 27 th, 2007.

Alabama GIS Executive Council November 17, Alabama GIS Executive Council Governor Bob Riley signs Executive Order No. 38 on November 27 th, 2007.
Risk Assessment Frameworks

Risk Assessment Frameworks
Best Practices Tutorial The primary objective of Best Practices is to provide guidance, based on assembled industry expertise and experience, to improve.

Best Practices Tutorial The primary objective of Best Practices is to provide guidance, based on assembled industry expertise and experience, to improve.
Review of Power Blackout on Telecom P. J

Review of Power Blackout on Telecom P. J
Internal Auditing and Outsourcing

Internal Auditing and Outsourcing

Similar presentations

Ads by Google