Presentation is loading. Please wait.

Presentation is loading. Please wait.

Introduction to the National Cybersecurity & Communications Integration Center (NCCIC) “A Partnership for Strength” 1.

Published byFerdinand Newman Modified over 8 years ago

Similar presentations

Presentation on theme: "Introduction to the National Cybersecurity & Communications Integration Center (NCCIC) “A Partnership for Strength” 1."— Presentation transcript:

1 Introduction to the National Cybersecurity & Communications Integration Center (NCCIC) “A Partnership for Strength” 1

2 NCCIC Overview and Mission
NCCIC Overview - -Operates at the intersection of the network defense, private sector, civilian, law enforcement, intelligence, and defense communities - cybersecurity and communications domains NCCIC Mission – -Apply unique analytic perspectives -Ensure shared situational awareness -Orchestrate synchronized response efforts -Protect the Constitutional and privacy rights of Americans

3 We NEED to Think Differently - A New Paradigm for Security
Security breaches are inevitable Leadership must OWN the problem Manage Risk – build into security – threat centric Situational Awareness - vital Resilience is ESSENTIAL - operate through compromise Compliance is NOT security Partnership between government and industry is critical Culture Shift – Reactive to PROACTIVE!!! Leadership MUST OWN – this is a CEO/Board responsibility to get ahead of threats, manage risk set up to be resilient – CAN’T be “clean up on aisle 9” - Don’t cede the field to cyber ninjas – understand coast and consequences – manage risk All Threats are NOT Equal - Attacks which are targeted & persistent - greatest challenge, greatest risk The Biggies Economic Espionage – Targeted & Persistent…gain economic advantage Organized Crime - Targeted & Persistent…financial gain Hacktivists – Targeted…defamation and media interest Nuisances – DDoS efforts…prove it can be done, potential launch points 3

4 Traditional Cyber Security SOC, CSIRC, C&A, Policy
Dynamic cyber defense User Behavior Traditional Cyber Security SOC, CSIRC, C&A, Policy Intelligence Information Sharing IT/Network Security Leadership Mission Deep Net Awareness Dynamic Cyber Defense – be aggressive in defending – be open to new sources of intel – be open to new places to get and grow talent Leadership MUST own the problem set! - who are the players – Board, CEO, COO, CSO, CIO etc - what is their responsibility - understand the threat - plan & program for it – decide how to manage risk - exercise - work thru it – resilient – keep business/mission going What is intel? What it is NOT! Information vs Intelligence Information- -Raw, unfiltered feed -Unevaluated when delivered -Aggregated from virtually every source -May be true, false, misleading, incomplete, relevant or irrelevant. Intelligence -Processed, sorted information -Evaluation and interpreted by trained intelligence analysts -Aggregated from reliable sources and cross correlated for accuracy -Accurate, timely, complete (as possible), assessed for relevancy -Actionable Resilience 4

5 Protection of Information
Traffic-Light Protocol (TLP): Originator-controlled classification system developed to encourage greater sharing of sensitive (but unclassified) information with external entities. When should it be used? TLP Color How may it be shared? Sources may use TLP: RED when information cannot be effectively acted upon by additional parties, and could lead to impacts on a party’s privacy, reputation, or operations if misused. RED Recipients may not share TLP: RED information with any parties outside of the specific exchange, meeting or conversation in which it is originally disclosed. Sources may use TLP: AMBER when information requires support to be effectively acted upon, but carries risks to privacy, reputation, or operations if shared outside of the organizations involved. AMBER Recipients may only share TLP: AMBER information with members of their own organization, and only as widely as necessary to act on that information. Sources may use TLP: GREEN when information is useful for the awareness of all participating organizations as well as with peers within the broader community or sector. GREEN Recipients may share TLP: GREEN information with peers and partner organizations within their sector or community, but not via publicly accessible channels. Sources may use TLP: WHITE when information carries minimal or no risk of misuse, in accordance with applicable rules and procedures for public release. WHITE TLP: WHITE information may be distributed without restriction, subject to copyright controls.

6 Protection of Information (cont.)
Protected Critical Infrastructure Information (PCII) Information-protection program enhances voluntary information sharing between infrastructure owners and operators and the government PCII protections Guarantee shared information will not lead to the exposure of sensitive or proprietary data

7 -Understand Threat Landscape -Leadership OWNS a New Paradigm!
So What? -Understand Threat Landscape -Leadership OWNS a New Paradigm! -Consider Cybersecurity Framework -Implement 20 Critical Security Controls -Change – Reactive to Proactive – Intelligence & Information Sharing 7

8 8

9 BACK UP SLIDES

10 National Cybersecurity Team
Each Department has distinct, yet complementary roles: DHS: responsible for coordinating the domestic all-hazards preparedness efforts of executive departments and agencies DOJ: responsible for responding to domestic counterterrorism, intelligence, and law enforcement activities DOD: responsible for national defense, foreign cyber intelligence, protection of national security systems

11 NCCIC Pillars and Capabilities
NCCIC Operational Pillars Information Sharing Incident Handling / Crisis Management Analysis NCCIC In-House and Virtual Capabilities 24/7/365 Operations Center Critical Infrastructure / Key Resources (CI/KR) Sectors Information Sharing & Analysis Centers (ISAC) Fed/State/Local/Tribal Government International Partners NCCIC Branches United States Computer Emergency Readiness Team (US-CERT) Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) National Coordinating Center for Telecommunications (NCC) Operations & Integration (O&I)

12 Future NCCIC Focus Areas
Enhance the integration and coordination of national response to significant cyber events Create shared situational awareness among public sector, private sector, and international partners by coordinating the joint development and dissemination of timely and actionable cybersecurity and communications information Expand the Common Operating Picture (COP) Expand domestic and international relationships Increase provision of Enhanced Cybersecurity Services (ECS) Improve machine-readable exchange of information Improve on-site/remote assistance capabilities to rapidly respond to routine and significant cybersecurity and communications incidents in order to mitigate harmful activity, manage crisis situations, and support recovery

13 Liaison Officers (LNO) at NCCIC
Department of Justice DOJ FBI National Cyber Investigative Joint Task Force (NCI-JTF) Department of Defense NSA/Central Security Service (CSS) Threat Operations Center (NTOC) DOD CYBERCOM DOD Cyber Crime Center (DC3) DOD NORTHCOM Department of Homeland Security DHS Cybersecurity Legal Staff DHS Cybersecurity Public Affairs DHS National Operations Center (NOC) DHS Security Operations Center (SOC) Immigration and Customs Enforcement National Infrastructure Coordination Center (NICC) United States Coast Guard United States Secret Service Department of State Information Sharing and Analysis Centers Communications ISAC Energy Sector ISAC Financial Services ISAC Information Technology ISAC Multi-State ISAC Other private sector entities 13

14 NCCIC Liaison Officers Located at External Organizations
Department of Defense (DOD) Cyber Command (CYBERCOM) DOD Northern Command (NORTHCOM) DOD Defense Cyber Crime Center (DC3) DOJ FBI National Cyber Investigative Joint Task Force (NCI-JTF) NSA/Central Security Service (CSS) National Threat Operations Center (NTOC) DHS National Operations Center (NOC) 14

Download ppt "Introduction to the National Cybersecurity & Communications Integration Center (NCCIC) “A Partnership for Strength” 1."

Similar presentations

Philippine Cybercrime Efforts

Philippine Cybercrime Efforts
Department of Homeland Security Site Assistance Visit (SAV)

Department of Homeland Security Site Assistance Visit (SAV)
UNCLASSIFIED OFFICE OF ASSOCIATE DIRECTOR FOR MILITARY AFFAIRS March 2009 Train like you fight and fight like you train.

UNCLASSIFIED OFFICE OF ASSOCIATE DIRECTOR FOR MILITARY AFFAIRS March 2009 Train like you fight and fight like you train.
DEFENSE SUPPORT OF CIVIL AUTHORITIES (DSCA)

DEFENSE SUPPORT OF CIVIL AUTHORITIES (DSCA)
National Infrastructure Protection Plan

National Infrastructure Protection Plan
1 NGA Regional Bio-Terrorism Conference Boston, Massachusetts January 12-13, 2004.

1 NGA Regional Bio-Terrorism Conference Boston, Massachusetts January 12-13, 2004.
The U.S. Coast Guard’s Role in Cybersecurity

The U.S. Coast Guard’s Role in Cybersecurity
Cyber Security R&D Challenges: A Homeland Security Perspective Simon Szykman, Ph.D. Director, Cyber Security R&D 202-254-5802.

Cyber Security R&D Challenges: A Homeland Security Perspective Simon Szykman, Ph.D. Director, Cyber Security R&D
DHS, National Cyber Security Division Overview

DHS, National Cyber Security Division Overview
South Carolina Cyber.

South Carolina Cyber.
National Space-Based Positioning, Navigation, and Timing (PNT) Federal Advisory Board DHS Challenges & Opportunities Captain Curtis Dubay, P.E. Department.

National Space-Based Positioning, Navigation, and Timing (PNT) Federal Advisory Board DHS Challenges & Opportunities Captain Curtis Dubay, P.E. Department.
© 2011 Delmar, Cengage Learning Part I The Nature and Setting of Police Administration Chapter 3 Police Administration and Homeland Security.

© 2011 Delmar, Cengage Learning Part I The Nature and Setting of Police Administration Chapter 3 Police Administration and Homeland Security.
US Army Corps of Engineers BUILDING STRONG ® Ty Brumfield (LNO to FEMA –RSF-IS National Coordinator Office of Homeland Security Directorate of Contingency.

US Army Corps of Engineers BUILDING STRONG ® Ty Brumfield (LNO to FEMA –RSF-IS National Coordinator Office of Homeland Security Directorate of Contingency.
Business Crisis and Continuity Management (BCCM) Class Session 3 3 - 1.

Business Crisis and Continuity Management (BCCM) Class Session
PPA 573 – Emergency Management and Homeland Security Lecture 9b - Department of Homeland Security Strategic Plan.

PPA 573 – Emergency Management and Homeland Security Lecture 9b - Department of Homeland Security Strategic Plan.
1 Intelligence Community and Classified Information.

1 Intelligence Community and Classified Information.
RAP: Tools and Technology National Preparedness Goal: Whole Community Geospatial Support 06 December 2011.

RAP: Tools and Technology National Preparedness Goal: Whole Community Geospatial Support 06 December 2011.
Session 121 National Incident Management Systems Session 12 Slide Deck.

Session 121 National Incident Management Systems Session 12 Slide Deck.
Presented by: Office of Homeland Security & Preparedness (OHSP)

Presented by: Office of Homeland Security & Preparedness (OHSP)
Resiliency Rules: 7 Steps for Critical Infrastructure Protection.

Resiliency Rules: 7 Steps for Critical Infrastructure Protection.

Similar presentations

Ads by Google