300 likes | 552 Views
National Infrastructure Protection Center. PARTNERSHIP FOR PROTECTION. STATUS AND INITIATIVES November 2, 1999. CRITICAL INFRASTRUCTURES. Services so vital that their incapacity or destruction would have a debilitating impact on the defense or economic security of the United States.
E N D
National Infrastructure Protection Center PARTNERSHIP FOR PROTECTION STATUS AND INITIATIVES November 2, 1999
CRITICAL INFRASTRUCTURES Services so vital that their incapacity or destruction would have a debilitating impact on the defense or economic security of the United States
CRITICAL INFRASTRUCTURES • Telecommunications / Computer Systems • Electrical Power • Oil & Gas • Transportation • Banking & Finance • Water • Emergency Services • Government Operations
WHOSE PROBLEM IS IT ? • NOT JUST A FEDERAL GOVERNMENT ISSUE • AND NOT JUST A GOVERNMENT ISSUE • ANYONE - AT ANY LEVEL - CAN BE A TARGET OR A VICTIM OF TERRORISM
THREATS - HARD TO DEFINE CAPABILITY + INTENT x VULNERABILITY = THREAT • Traditional Adversaries • Economic Adversaries • Political Adversaries • Others / Potential Terrorists / Organized Crime / Non-State / Opportunists • RANGE OF CAPABILITY - - BUT SIGNIFICANT CAPABILITY IS EASY TO GET
POSSIBLE FUTURE THREATS • Cyber Mercenaries • Cyber Militia • Cyber Civil Disobedience (Domestic) • Cyber Protesters (International) • Cyber Terrorists • Cyber Activists / Futurists / Unknowns
Presidential Decision Directive 63 • Sets goal of a secure information system infrastructure by the year 2003, and increased government security by the year 2000 • Requires federal agencies to serve as a model in reducing cyber and physical infrastructure vulnerabilities • Seeks participation of private industry • Sets up a new structure to deal with this challenge
Special Function Agencies Banking & Finance Dept of Treasury DoJ / FBI Law Enforcement Internal Security Transportation Dept of Transportation Electric and Gas & Oil Dept of Energy DoD National Defense Information / Comms Dept of Commerce CIA Intelligence Emergency Law Enforcement Dept of Justice Government Services FEMA DoS Foreign Affairs Emergency Fire FEMA Public Health Services HHS Water Supply EPA Presidential Decision Directive 63 - National Structure Executive Office of the President OSTP (R&D) National Security Advisor National Infrastructure Assurance Council Critical Infrastructure Coordinating Group National Coordinator National Infrastructure Protection Center Critical Infrastructure Assurance Office SECTOR LEAD AGENCY Information Sharing and Analysis Center(s) The Private Sector
NIPC MISSION PDD-63, May 22, 1998: • The NIPC will provide a national focal point for gathering information on threats to the infrastructures. • Its mission will include providing timely warnings of intentional threats, comprehensive analyses and law enforcement investigation and response. • The NIPC will provide the principal means of facilitating and coordinating the Federal Government’s response to an incident, mitigating attacks, investigating threats and monitoring reconstitution efforts.
NATIONAL INFRASTRUCTURE PROTECTION CENTER • Composition - Interagency, multi-level • Multiple government agencies • Federal, state, and local law enforcement • Private sector representatives • Manning • FBI - 78 of 93 on board • Other government agencies - 29 of 40 on board DoD, DCIS, NSA, Services, NASA, GSA, CIA, USSS, DOE, USPS, State • Inbound includes FDIC, others
NIPC Organization NIPC Director Deputy Director Computer Investigations and Operations Section (CIOS) Analysis and Warning Section (AWS) Training, Outreach and Strategy Section (TOSS) Computer Investigations Unit Analysis and Information Sharing Unit Training and Continuing Education Unit Special Technologies Applications Unit Watch and Warning Unit Outreach and Field Support Unit Cyber Emergency Support Team Strategic Planning Unit
NIPC CAPABILITIES • Protection - Analysis & Warning Section is issuing warnings, alerts, other products • Prevention - STAU to coordinate R&D of tools and applications to be shared • Investigation - still strongest element; built on CITAC foundation
NIPC INFORMATION FLOW WATCH CENTER PRIVATE SECTOR ISACs INFRAGARD FED GOV’T INTELLIGENCE OTHERS ANALYSIS & WARNING COMPUTER INTRUSION INVESTIGATIONS WARNINGS ALERTS ADVISORIES INTERAGENCY INVESTIGATION DECISIONMAKERS
A DIFFICULT PROCESS IDENTIFICATION / ATTRIBUTION LEGAL CONSTRAINTS ARE WE SURE WE’RE SURE ?
NIPC INITIATIVES REPORTS & PRODUCT • Warnings, Alerts, and Advisories • Daily Watch Report • Biweekly CYBERNOTES • Critical Infrastructure Developments • Quarterly Infrastructure Protection Digest • Special Reports
NIPC INITIATIVES PRIVATE SECTOR CONTACTS NIPC establishing informal channels for the exchange of information • ISACs • Other structures
NIPC INITIATIVES InfraGard • Government alliance with private sector. Representatives from industry, government, academia, state & local law enforcement • Mechanism for systems owners and operators to communicate with colleagues • Improves dissemination of security information • Intrusion alert network & Secure web site • Chapter committees dedicated to concerns of membership • Seminars and training & Meetings with colleagues • Membership requirements • Membership agreement • Confidentiality pledge • Commitment to actively participate
NIPC INITIATIVES KEY ASSET INITIATIVE • FBI PROGRAM REVITALIZED • KEY ASSETS NEED TO BE REDEFINED • DATA BASE MAINTAINED AT NIPC • FIELD OFFICES GATHERING INFO • MUST BE COMPATIBLE WITH DOD PROGRAM
NIPC INITIATIVES SECTOR ACTIVITY FBI / NIPC - the lead for the Emergency Law Enforcement Services Sector • DIR, NIPC IS SECTOR LIAISON OFFICIAL • INVITED STATE & LOCAL LAW ENFORCEMENT ORGANIZATIONS • SECTOR COORDINATOR SELECTED • QUARTERLY MEETINGS • SECTOR PLAN UNDER REVIEW • FEDERAL LAW ENFORCEMENT TO BE INVITED TO NEXT MEETING
NIPC INITIATIVES INTERNATIONAL ACTIVITY • Investigative cooperation • G8 • Council of Europe • Participation in State-led effort to define international cooperative effort • Issues - What can be shared ? How ? With whom ?
Building the Partnership • Protect self using tools • Report intrusions • Safeguard information Government • Collect info about tools • Collect info about threat • Collect info about • organizations • Coordinate R&D • Provide info about tools • Issue Warnings, Alerts & Advisories • Protect proprietary data Private Sector
Doug Perritt National Infrastructure Protection Center Federal Bureau of Investigation Room 11719 935 Pennsylvania Avenue, NW Washington, DC 20535 dougperritt@fbi.gov perrittd@osd.pentagon.mil (202) 324-0305
ADMINISTRATION INITIATIVES R & D Additional funding sought for research into recognizing malicious code, detecting unauthorized intrusions, and developing other tools for infrastructure protection.
ADMINISTRATION INITIATIVES FEDERAL CYBER SERVICE PROGRAM • Would provide college scholarships for IT and Information Systems Security majors - up to 300 per year • Would require some amount of government service in return (Similar to ROTC concept)
ADMINISTRATION INITIATIVES INFORMATION SECURITY INSTITUTE • Would provide a national technical training center for Information Technology and Information Systems Security professionals • Would focus on continuing education
ADMINISTRATION INITIATIVES TRAINING PROGRAMS Through the institute and other mechanisms, would provide for professional training, certification, recognition and enhanced status for systems administrators and other information systems operators and security specialists.
ADMINISTRATION INITIATIVES EDUCATON AND AWARENESS • An effort to raise awareness of the seriousness of cyber security • In partnership with the private sector • To be launched in December