Sei sulla pagina 1di 12

Homeland

Security
Cybersecurity is about Risk
(Not Just Technology)
Brig. Gen. (ret) Greg Touhill
Deputy Assistant Secretary
Office of Cybersecurity and Communications
U.S. Department of Homeland Security

Buying Down Risk Through Better Cybersecurity

80%
Best
Practices

15%
Info
Sharing

5%
Planning
& Incident
Response

*Rule of thumb

Homeland
Security

Office of Cybersecurity and Communications

Best Practices
Top 5 Defensive Strategies:
1. Multifactor Identification
2. Network Segmentation
3. Control Privileged Access
4. Whitelist Apps
5. Guard your Back Door:
Contract with Security in
Mind

Homeland
Security

80%
Best
Practices

Office of Cybersecurity and Communications

Information Sharing Works!


Cyber Information Sharing and
Collaboration Program (CISCP)
Enhanced Cybersecurity
Services
Critical Infrastructure Cyber
Community (C) Voluntary
Program

15%
Info
Sharing

U.S. Computer Emergency


Readiness Team (US-CERT)
Homeland
Security

Office of Cybersecurity and Communications

Incident Response
National Cybersecurity & Communications
Integration Center (NCCIC)
U.S. Computer Emergency Readiness Team (US-CERT)
Industrial Control Systems Cyber Emergency Response
Team (ICS-CERT)
National Coordinating Center for Communications (NCC)
Cyber Watch

5%
Planning
& Incident
Response

Homeland
Security

Office of Cybersecurity and Communications

Tackling the Cybersecurity Issue


124+ Federal Departments and Agencies
Disparate missions and customers

Homeland
Security

Office of Cybersecurity and Communications


6

Tackling the Cybersecurity Issue

State, Local, Tribal,


Territorial Governments
80,000+ entities
Unique authorities and
budgets

Homeland
Security

Office of Cybersecurity and Communications


7

Cyber Strategy Elements

1. Guard the boundary


EINSTEIN

2. Manage and patrol interior lines


Continuous Diagnostics and Mitigation

3. Train the workforce


National Initiative for Cybersecurity Education

4. Adapt, innovate, and integrate new technology


and tactics, techniques, and procedures

Homeland
Security

Office of Cybersecurity and Communications


8

Linking the Private Sector


Defense Industrial
Base

Nuclear Reactors,
Materials & Waste

Transportation
Systems

Water &
Wastewater
Systems

Chemical

Emergency
Services

Commercial
Facilities

Energy

Communications

Financial Services

Critical
Manufacturing

Food &
Agriculture

Homeland
Security

Healthcare &
Public Health

Information
Technology

Government
Facilities

Dams

Office of Cybersecurity and Communications


9

Privacy, Civil Rights, Civil Liberties

Protecting:
Citizens
Economy
Values

Homeland
Security

Office of Cybersecurity and Communications


10

Cybersecurity is a team effort

National Cyber
Investigative
Task Force

Defense
Cyber Crime
Center

National Cybersecurity and


Communications Integration Center
Intelligence
Community
Security
Coordination
Center

National
Security
Agencys
Central
Security
Service
Threat
Operation
Center

U.S. Cyber Command

Homeland
Security

Office of Cybersecurity and Communications


11

A Call to Action
A threat to one is a threat to all
Share information
Cyber Neighborhood Watch

Bake security into new products,


organizational ethos, and agendas

Homeland
Security

Office of Cybersecurity and Communications


12

Potrebbero piacerti anche